PoC: Adds support to direct access on ARGS collection

src/parser/seclang-parser.yy

@@ -144,6 +144,7 @@ class Driver;
 #include "src/utils/geo_lookup.h"
 #include "src/utils/string.h"
 #include "src/utils/system.h"
+#include "src/variables/args.h"
 #include "src/variables/args_names.h"
 #include "src/variables/xml.h"
 #include "src/variables/args_combined_size.h"
@@ -315,6 +316,7 @@ using modsecurity::operators::Operator;
   COMMA    ","
   PIPE
   NEW_LINE
+  VARIABLE_ARGS
   VARIABLE_ARGS_COMBINED_SIZE
   VARIABLE_ARGS_GET_NAMES
   VARIABLE_ARGS_NAMES           "Variable ARGS_NAMES"
@@ -575,6 +577,8 @@ using modsecurity::operators::Operator;
   VARIABLE_COL                                 "VARIABLE_COL"
   VARIABLE_STATUS                              "VARIABLE_STATUS"
   VARIABLE_TX                                  "VARIABLE_TX"
+  DICT_ELEMENT                                 "Dictionary element"
+  DICT_ELEMENT_REGEXP                          "Dictionary element, selected by regexp"
 ;
 
 %type <std::unique_ptr<actions::Action>> act
@@ -1256,6 +1260,21 @@ var:
         std::unique_ptr<Variable> c(new Variables::ArgsNames());
         $$ = std::move(c);
       }
+    | VARIABLE_ARGS DICT_ELEMENT
+      {
+        std::unique_ptr<Variable> c(new Variables::Args_DictElement($2));
+        $$ = std::move(c);
+      }
+    | VARIABLE_ARGS DICT_ELEMENT_REGEXP
+      {
+        std::unique_ptr<Variable> c(new Variables::Args_DictElementRegexp($2));
+        $$ = std::move(c);
+      }
+    | VARIABLE_ARGS
+      {
+        std::unique_ptr<Variable> c(new Variables::Args_NoDictElement());
+        $$ = std::move(c);
+      }
     | VARIABLE_ARGS_GET_NAMES
       {
         std::unique_ptr<Variable> c(new Variables::ArgsGetNames());

src/parser/seclang-scanner.ll

@@ -307,7 +307,8 @@ VARIABLE_USER_ID                          (?i:USERID)
 VARIABLE_WEBSERVER_ERROR_LOG              (?i:WEBSERVER_ERROR_LOG)
 
 
-VARIABLE_COL                            (?i:(ARGS_POST|ARGS_GET|ARGS|FILES_SIZES|FILES_NAMES|FILES_TMP_CONTENT|MULTIPART_FILENAME|MULTIPART_NAME|MATCHED_VARS_NAMES|MATCHED_VARS|FILES|REQUEST_COOKIES|REQUEST_HEADERS|RESPONSE_HEADERS|GEO|REQUEST_COOKIES_NAMES))
+VARIABLE_ARGS                           (?i:ARGS)
+VARIABLE_COL                            (?i:(ARGS_POST|ARGS_GET|FILES_SIZES|FILES_NAMES|FILES_TMP_CONTENT|MULTIPART_FILENAME|MULTIPART_NAME|MATCHED_VARS_NAMES|MATCHED_VARS|FILES|REQUEST_COOKIES|REQUEST_HEADERS|RESPONSE_HEADERS|GEO|REQUEST_COOKIES_NAMES))
 VARIABLE_SESSION                        (?i:(SESSION))
 VARIABLE_IP                             (?i:(IP))
 VARIABLE_USER                           (?i:(USER))
@@ -331,6 +332,7 @@ EQUALS_MINUS                            (?i:=\-)
 %x TRANSACTION_FROM_VARIABLE_TO_OPERATOR
 %x EXPECTING_OPERATOR
 %x COMMENT
+%x EXPECTING_VAR_PARAMETER
 %x EXPECTING_PARAMETER
 %x EXPECTING_ACTIONS
 %x TRANSACTION_FROM_OPERATOR_TO_ACTIONS
@@ -723,6 +725,15 @@ EQUALS_MINUS                            (?i:=\-)
 {VARIABLE_URL_ENCODED_ERROR}                { return p::make_VARIABLE_URL_ENCODED_ERROR(*driver.loc.back()); }
 {VARIABLE_USER_ID}                          { return p::make_VARIABLE_USER_ID(*driver.loc.back()); }
 
+{VARIABLE_ARGS}                             { return p::make_VARIABLE_ARGS(*driver.loc.back()); }
+{VARIABLE_ARGS}[:]                          { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS(*driver.loc.back()); }
+}
+
+
+<EXPECTING_VAR_PARAMETER>{
+[\/]{DICT_ELEMENT}[\/]                        { BEGIN(EXPECTING_VARIABLE); return p::make_DICT_ELEMENT_REGEXP(yytext, *driver.loc.back()); }
+{DICT_ELEMENT}                                { BEGIN(EXPECTING_VARIABLE); return p::make_DICT_ELEMENT(yytext, *driver.loc.back()); }
+.                                             { BEGIN(LEXING_ERROR_ACTION); yyless(0); }
 }
 
 <EXPECTING_VARIABLE,TRANSACTION_FROM_VARIABLE_TO_OPERATOR>{