github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

spaces

Browse Source
This commit is contained in:
Marc Stern 2024-05-16 16:55:31 +02:00
parent ca7b4b49bf
commit d45c4baa83
1 changed files with 1089 additions and 1136 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
apache2/re_operators.c
View File

@ -306,14 +306,12 @@ static char* param_remove_escape(msre_rule* rule, char* str, int len) {
for(;*str!='\0';str++) { for(;*str!='\0';str++) {
if(*str != '\\') { if(*str != '\\') {
*parm++ = *str; *parm++ = *str;
} } else {
else {
str++; str++;
if(*str != '/') { if(*str != '/') {
str--; str--;
*parm++ = *str; *parm++ = *str;
} } else {
else {
*parm++ = *str; *parm++ = *str;
} }
} }
@ -451,8 +449,7 @@ static int msre_op_rsub_param_init(msre_rule* rule, char** error_msg) {
(ignore_case ? REG_ICASE : 0)); (ignore_case ? REG_ICASE : 0));
#endif #endif
rule->sub_regex = regex; rule->sub_regex = regex;
} } else {
else {
rule->re_precomp = 1; rule->re_precomp = 1;
rule->re_str = apr_pstrndup(rule->ruleset->mp, pattern, strlen(pattern)); rule->re_str = apr_pstrndup(rule->ruleset->mp, pattern, strlen(pattern));
rule->sub_regex = NULL; rule->sub_regex = NULL;
@ -504,11 +501,9 @@ static int msre_op_rsub_execute(modsec_rec* msr, msre_rule* rule, msre_var* var,
if(strcmp(var->name,"STREAM_OUTPUT_BODY") == 0 ) { if(strcmp(var->name,"STREAM_OUTPUT_BODY") == 0 ) {
output_body = 1; output_body = 1;
} } else if(strcmp(var->name,"STREAM_INPUT_BODY") == 0 ) {
else if (strcmp(var->name, "STREAM_INPUT_BODY") == 0) {
input_body = 1; input_body = 1;
} } else {
else {
msr_log(msr,9,"Operator rsub only works with STREAM_* variables"); msr_log(msr,9,"Operator rsub only works with STREAM_* variables");
return -1; return -1;
} }
@ -529,16 +524,14 @@ static int msre_op_rsub_execute(modsec_rec* msr, msre_rule* rule, msre_var* var,
#else #else
rule->sub_regex = ap_pregcomp(msr->mp, pattern, REG_EXTENDED); rule->sub_regex = ap_pregcomp(msr->mp, pattern, REG_EXTENDED);
#endif #endif
} } else {
else {
#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 0 #if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 0
rule->sub_regex = ap_pregcomp(msr->mp, re_pattern->value, AP_REG_EXTENDED); rule->sub_regex = ap_pregcomp(msr->mp, re_pattern->value, AP_REG_EXTENDED);
#else #else
rule->sub_regex = ap_pregcomp(msr->mp, re_pattern->value, REG_EXTENDED); rule->sub_regex = ap_pregcomp(msr->mp, re_pattern->value, REG_EXTENDED);
#endif #endif
} }
} } else {
else {
rule->sub_regex = NULL; rule->sub_regex = NULL;
} }
@ -597,8 +590,7 @@ nextround:
data_out+= capture_len; data_out+= capture_len;
size+=capture_len; size+=capture_len;
i+=2; i+=2;
} } else {
else {
if (size+1>maxsize) { if (size+1>maxsize) {
maxsize*=2; maxsize*=2;
@ -751,8 +743,7 @@ static int msre_op_validateHash_param_init(msre_rule* rule, char** error_msg) {
#endif #endif
rule->op_param_data = regex; rule->op_param_data = regex;
} } else {
else {
rule->re_precomp = 1; rule->re_precomp = 1;
rule->re_str = apr_pstrndup(rule->ruleset->mp, pattern, strlen(pattern)); rule->re_str = apr_pstrndup(rule->ruleset->mp, pattern, strlen(pattern));
rule->op_param_data = NULL; rule->op_param_data = NULL;
@ -806,8 +797,7 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v
if(rule->re_precomp == 0) { if(rule->re_precomp == 0) {
*error_msg = "Internal Error: regex data is null."; *error_msg = "Internal Error: regex data is null.";
return -1; return -1;
} } else {
else {
if(re_pattern == NULL) { if(re_pattern == NULL) {
*error_msg = "Internal Error: regex variable data is null."; *error_msg = "Internal Error: regex variable data is null.";
@ -869,8 +859,7 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v
if (var->value == NULL) { if (var->value == NULL) {
target = ""; target = "";
target_length = 0; target_length = 0;
} } else {
else {
target = var->value; target = var->value;
target_length = var->value_len; target_length = var->value_len;
} }
@ -926,8 +915,7 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v
if (strlen(pattern) > 252) { if (strlen(pattern) > 252) {
*error_msg = apr_psprintf(msr->mp, "Request URI matched \"%.252s ...\" at %s.", *error_msg = apr_psprintf(msr->mp, "Request URI matched \"%.252s ...\" at %s.",
pattern, var->name); pattern, var->name);
} } else {
else {
*error_msg = apr_psprintf(msr->mp, "Request URI matched \"%s\" at %s.", *error_msg = apr_psprintf(msr->mp, "Request URI matched \"%s\" at %s.",
pattern, var->name); pattern, var->name);
} }
@ -942,14 +930,12 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v
if (strlen(pattern) > 252) { if (strlen(pattern) > 252) {
*error_msg = apr_psprintf(msr->mp, "Request URI matched \"%.252s ...\" at %s. No Hash parameter", *error_msg = apr_psprintf(msr->mp, "Request URI matched \"%.252s ...\" at %s. No Hash parameter",
pattern, var->name); pattern, var->name);
} } else {
else {
*error_msg = apr_psprintf(msr->mp, "Request URI matched \"%s\" at %s. No Hash parameter", *error_msg = apr_psprintf(msr->mp, "Request URI matched \"%s\" at %s. No Hash parameter",
pattern, var->name); pattern, var->name);
} }
return 1; return 1;
} } else {
else {
if(strlen(valid) < strlen(msr->txcfg->crypto_param_name)+1) if(strlen(valid) < strlen(msr->txcfg->crypto_param_name)+1)
return 1; return 1;
@ -967,8 +953,7 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v
if (strlen(pattern) > 252) { if (strlen(pattern) > 252) {
*error_msg = apr_psprintf(msr->mp, "Request URI matched \"%.252s ...\" at %s. Hash parameter hash value = [%s] Requested URI hash value = [%s]", *error_msg = apr_psprintf(msr->mp, "Request URI matched \"%.252s ...\" at %s. Hash parameter hash value = [%s] Requested URI hash value = [%s]",
pattern, var->name, hmac, hash_link); pattern, var->name, hmac, hash_link);
} } else {
else {
*error_msg = apr_psprintf(msr->mp, "Request URI matched \"%s\" at %s. Hash parameter hash value = [%s] Requested URI hash value = [%s]", *error_msg = apr_psprintf(msr->mp, "Request URI matched \"%s\" at %s. Hash parameter hash value = [%s] Requested URI hash value = [%s]",
pattern, var->name, hmac, hash_link); pattern, var->name, hmac, hash_link);
} }
@ -1033,8 +1018,7 @@ static int msre_op_rx_param_init(msre_rule * rule, char** error_msg) {
#endif #endif
rule->op_param_data = regex; rule->op_param_data = regex;
} } else {
else {
rule->re_precomp = 1; rule->re_precomp = 1;
rule->re_str = apr_pstrndup(rule->ruleset->mp, pattern, strlen(pattern)); rule->re_str = apr_pstrndup(rule->ruleset->mp, pattern, strlen(pattern));
rule->op_param_data = NULL; rule->op_param_data = NULL;
@ -1085,8 +1069,7 @@ static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var
if(rule->re_precomp == 0) { if(rule->re_precomp == 0) {
*error_msg = "Internal Error: regex data is null."; *error_msg = "Internal Error: regex data is null.";
return -1; return -1;
} } else {
else {
if(re_pattern == NULL) { if(re_pattern == NULL) {
*error_msg = "Internal Error: regex variable data is null."; *error_msg = "Internal Error: regex variable data is null.";
@ -1149,8 +1132,7 @@ static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var
if (var->value == NULL) { if (var->value == NULL) {
target = ""; target = "";
target_length = 0; target_length = 0;
} } else {
else {
target = var->value; target = var->value;
target_length = var->value_len; target_length = var->value_len;
} }
@ -1265,8 +1247,7 @@ static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var
mparm->pad_1 = rule->actionset->arg_min; mparm->pad_1 = rule->actionset->arg_min;
mparm->pad_2 = rule->actionset->arg_max; mparm->pad_2 = rule->actionset->arg_max;
apr_table_addn(msr->pattern_to_sanitize, parm, (void *)mparm); apr_table_addn(msr->pattern_to_sanitize, parm, (void *)mparm);
} } else {
else {
mparm = apr_palloc(msr->mp, sizeof(msc_parm)); mparm = apr_palloc(msr->mp, sizeof(msc_parm));
if (mparm == NULL) if (mparm == NULL)
continue; continue;
@ -1295,8 +1276,7 @@ static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var
if (strlen(pattern) > 252) { if (strlen(pattern) > 252) {
*error_msg = apr_psprintf(msr->mp, "Pattern match \"%.252s ...\" at %s.", *error_msg = apr_psprintf(msr->mp, "Pattern match \"%.252s ...\" at %s.",
pattern, var->name); pattern, var->name);
} } else {
else {
*error_msg = apr_psprintf(msr->mp, "Pattern match \"%s\" at %s.", *error_msg = apr_psprintf(msr->mp, "Pattern match \"%s\" at %s.",
pattern, var->name); pattern, var->name);
} }
@ -1547,8 +1527,7 @@ static int msre_op_pm_execute(modsec_rec * msr, msre_rule * rule, msre_var * var
if (strlen(match_escaped) > 252) { if (strlen(match_escaped) > 252) {
*error_msg = apr_psprintf(msr->mp, "Matched phrase \"%.252s ...\" at %s.", *error_msg = apr_psprintf(msr->mp, "Matched phrase \"%.252s ...\" at %s.",
match_escaped, var->name); match_escaped, var->name);
} } else {
else {
*error_msg = apr_psprintf(msr->mp, "Matched phrase \"%s\" at %s.", *error_msg = apr_psprintf(msr->mp, "Matched phrase \"%s\" at %s.",
match_escaped, var->name); match_escaped, var->name);
} }
@ -2232,8 +2211,7 @@ static int msre_op_contains_execute(modsec_rec * msr, msre_rule * rule, msre_var
if (var->value == NULL) { if (var->value == NULL) {
target = ""; target = "";
target_length = 0; target_length = 0;
} } else {
else {
target = var->value; target = var->value;
target_length = var->value_len; target_length = var->value_len;
} }
@ -2305,8 +2283,7 @@ static int msre_op_detectSQLi_execute(modsec_rec * msr, msre_rule * rule, msre_v
fingerprint, fingerprint,
log_escape_ex(msr->mp, var->value, var->value_len)); log_escape_ex(msr->mp, var->value, var->value_len));
} }
} } else {
else {
if (msr->txcfg->debuglog_level >= 9) { if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "ISSQL: not sqli, no libinjection sqli fingerprint matched input '%s'", msr_log(msr, 9, "ISSQL: not sqli, no libinjection sqli fingerprint matched input '%s'",
log_escape_ex(msr->mp, var->value, var->value_len)); log_escape_ex(msr->mp, var->value, var->value_len));
@ -2338,8 +2315,7 @@ static int msre_op_detectXSS_execute(modsec_rec * msr, msre_rule * rule, msre_va
if (msr->txcfg->debuglog_level >= 9) { if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "IS_XSS: libinjection detected XSS."); msr_log(msr, 9, "IS_XSS: libinjection detected XSS.");
} }
} } else {
else {
if (msr->txcfg->debuglog_level >= 9) { if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "IS_XSS: not XSS, libinjection was not able to find any XSS."); msr_log(msr, 9, "IS_XSS: not XSS, libinjection was not able to find any XSS.");
} }
@ -2390,8 +2366,7 @@ static int msre_op_containsWord_execute(modsec_rec * msr, msre_rule * rule, msre
if (var->value == NULL) { if (var->value == NULL) {
target = ""; target = "";
target_length = 0; target_length = 0;
} } else {
else {
target = var->value; target = var->value;
target_length = var->value_len; target_length = var->value_len;
} }
@ -2490,8 +2465,7 @@ static int msre_op_streq_execute(modsec_rec * msr, msre_rule * rule, msre_var *
if (var->value == NULL) { if (var->value == NULL) {
target = ""; target = "";
target_length = 0; target_length = 0;
} } else {
else {
target = var->value; target = var->value;
target_length = var->value_len; target_length = var->value_len;
} }
@ -2554,8 +2528,7 @@ static int msre_op_beginsWith_execute(modsec_rec * msr, msre_rule * rule, msre_v
if (var->value == NULL) { if (var->value == NULL) {
target = ""; target = "";
target_length = 0; target_length = 0;
} } else {
else {
target = var->value; target = var->value;
target_length = var->value_len; target_length = var->value_len;
} }
@ -2622,8 +2595,7 @@ static int msre_op_endsWith_execute(modsec_rec * msr, msre_rule * rule, msre_var
if (var->value == NULL) { if (var->value == NULL) {
target = ""; target = "";
target_length = 0; target_length = 0;
} } else {
else {
target = var->value; target = var->value;
target_length = var->value_len; target_length = var->value_len;
} }
@ -2708,8 +2680,7 @@ static int msre_op_strmatch_execute(modsec_rec * msr, msre_rule * rule, msre_var
if (var->value == NULL) { if (var->value == NULL) {
target = ""; target = "";
target_length = 0; target_length = 0;
} } else {
else {
target = var->value; target = var->value;
target_length = var->value_len; target_length = var->value_len;
} }
@ -3017,8 +2988,7 @@ static int msre_op_verifyCC_execute(modsec_rec * msr, msre_rule * rule, msre_var
if (var->value == NULL) { if (var->value == NULL) {
target = ""; target = "";
target_length = 0; target_length = 0;
} } else {
else {
target = var->value; target = var->value;
target_length = var->value_len; target_length = var->value_len;
} }
@ -3110,8 +3080,7 @@ static int msre_op_verifyCC_execute(modsec_rec * msr, msre_rule * rule, msre_var
mparm->pad_1 = rule->actionset->arg_min; mparm->pad_1 = rule->actionset->arg_min;
mparm->pad_2 = rule->actionset->arg_max; mparm->pad_2 = rule->actionset->arg_max;
apr_table_addn(msr->pattern_to_sanitize, parm, (void *)mparm); apr_table_addn(msr->pattern_to_sanitize, parm, (void *)mparm);
} } else {
else {
mparm = apr_palloc(msr->mp, sizeof(msc_parm)); mparm = apr_palloc(msr->mp, sizeof(msc_parm));
if (mparm == NULL) if (mparm == NULL)
continue; continue;
@ -3213,8 +3182,7 @@ static int cpf_verify(const char* cpfnumber, int len) {
if(factor < 2) { if(factor < 2) {
cpf[9] = 0; cpf[9] = 0;
} } else {
else {
cpf[9] = cpf_len-factor; cpf[9] = cpf_len-factor;
} }
@ -3228,8 +3196,7 @@ static int cpf_verify(const char* cpfnumber, int len) {
if(factor < 2) { if(factor < 2) {
cpf[10] = 0; cpf[10] = 0;
} } else {
else {
cpf[10] = cpf_len-factor; cpf[10] = cpf_len-factor;
} }
@ -3353,8 +3320,7 @@ static int msre_op_verifyCPF_execute(modsec_rec * msr, msre_rule * rule, msre_va
if (var->value == NULL) { if (var->value == NULL) {
target = ""; target = "";
target_length = 0; target_length = 0;
} } else {
else {
target = var->value; target = var->value;
target_length = var->value_len; target_length = var->value_len;
} }
@ -3676,8 +3642,7 @@ static int msre_op_verifySSN_execute(modsec_rec * msr, msre_rule * rule, msre_va
if (var->value == NULL) { if (var->value == NULL) {
target = ""; target = "";
target_length = 0; target_length = 0;
} } else {
else {
target = var->value; target = var->value;
target_length = var->value_len; target_length = var->value_len;
} }
@ -3769,8 +3734,7 @@ static int msre_op_verifySSN_execute(modsec_rec * msr, msre_rule * rule, msre_va
mparm->pad_1 = rule->actionset->arg_min; mparm->pad_1 = rule->actionset->arg_min;
mparm->pad_2 = rule->actionset->arg_max; mparm->pad_2 = rule->actionset->arg_max;
apr_table_addn(msr->pattern_to_sanitize, parm, (void *)mparm); apr_table_addn(msr->pattern_to_sanitize, parm, (void *)mparm);
} } else {
else {
mparm = apr_palloc(msr->mp, sizeof(msc_parm)); mparm = apr_palloc(msr->mp, sizeof(msc_parm));
if (mparm == NULL) if (mparm == NULL)
continue; continue;
@ -3977,17 +3941,14 @@ static int msre_op_rbl_execute(modsec_rec * msr, msre_rule * rule, msre_var * va
msr_log(msr, 4, "RBL httpBl called but no key defined: set SecHttpBlKey"); msr_log(msr, 4, "RBL httpBl called but no key defined: set SecHttpBlKey");
} }
*error_msg = "RBL httpBl called but no key defined: set SecHttpBlKey"; *error_msg = "RBL httpBl called but no key defined: set SecHttpBlKey";
} } else {
else {
name_to_check = apr_psprintf(msr->mp, "%s.%d.%d.%d.%d.%s", msr->txcfg->httpBlkey, h3, h2, h1, h0, rule->op_param); name_to_check = apr_psprintf(msr->mp, "%s.%d.%d.%d.%d.%s", msr->txcfg->httpBlkey, h3, h2, h1, h0, rule->op_param);
} }
} } else {
else {
/* regular IPv4 RBLs */ /* regular IPv4 RBLs */
name_to_check = apr_psprintf(msr->mp, "%d.%d.%d.%d.%s", h3, h2, h1, h0, rule->op_param); name_to_check = apr_psprintf(msr->mp, "%d.%d.%d.%d.%s", h3, h2, h1, h0, rule->op_param);
} }
} } else {
else {
/* Assume the input is a domain name. */ /* Assume the input is a domain name. */
name_to_check = apr_psprintf(msr->mp, "%s.%s", target, rule->op_param); name_to_check = apr_psprintf(msr->mp, "%s.%s", target, rule->op_param);
} }
@ -4033,8 +3994,7 @@ static int msre_op_rbl_execute(modsec_rec * msr, msre_rule * rule, msre_var * va
set_match_to_tx(msr, capture, *error_msg, 0); set_match_to_tx(msr, capture, *error_msg, 0);
} } else
else
if(strstr(rule->op_param,"spamhaus.org")) { if(strstr(rule->op_param,"spamhaus.org")) {
switch(high8bits) { switch(high8bits) {
@ -4063,8 +4023,7 @@ static int msre_op_rbl_execute(modsec_rec * msr, msre_rule * rule, msre_var * va
set_match_to_tx(msr, capture, *error_msg, 0); set_match_to_tx(msr, capture, *error_msg, 0);
} } else
else
if(strstr(rule->op_param,"httpbl.org")) { if(strstr(rule->op_param,"httpbl.org")) {
char *respBl; char *respBl;
int first, days, score, type; int first, days, score, type;
@ -4072,8 +4031,7 @@ static int msre_op_rbl_execute(modsec_rec * msr, msre_rule * rule, msre_var * va
respBl = inet_ntoa(sa->sa.sin.sin_addr); respBl = inet_ntoa(sa->sa.sin.sin_addr);
if (sscanf(respBl, "%d.%d.%d.%d", &first, &days, &score, &type) != 4) { if (sscanf(respBl, "%d.%d.%d.%d", &first, &days, &score, &type) != 4) {
*error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s failed: bad response", log_escape_nq(msr->mp, name_to_check)); *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s failed: bad response", log_escape_nq(msr->mp, name_to_check));
} } else {
else {
if (first != 127) { if (first != 127) {
*error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s failed: bad response", log_escape_nq(msr->mp, name_to_check)); *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s failed: bad response", log_escape_nq(msr->mp, name_to_check));
} }
@ -4114,8 +4072,7 @@ static int msre_op_rbl_execute(modsec_rec * msr, msre_rule * rule, msre_var * va
} }
set_match_to_tx(msr, capture, *error_msg, 0); set_match_to_tx(msr, capture, *error_msg, 0);
/* end of httpBl code */ /* end of httpBl code */
} } else {
else {
*error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s.", *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s.",
log_escape_nq(msr->mp, name_to_check), var->name); log_escape_nq(msr->mp, name_to_check), var->name);
@ -4211,8 +4168,7 @@ static int msre_op_fuzzy_hash_init(msre_rule * rule, char** error_msg)
if (param_data->head == NULL) { if (param_data->head == NULL) {
param_data->head = chunk; param_data->head = chunk;
} } else {
else {
t = param_data->head; t = param_data->head;
while (t->next) { while (t->next) {
@ -4428,8 +4384,7 @@ static int msre_op_validateByteRange_init(msre_rule * rule, char** error_msg) {
return 0; return 0;
} }
table[x>>3] = (table[x>>3] | (1 << (x & 0x7))); table[x>>3] = (table[x>>3] | (1 << (x & 0x7)));
} } else {
else {
/* Range. */ /* Range. */
int start = atoi(p); int start = atoi(p);
int end = atoi(s + 1); int end = atoi(s + 1);
@ -4524,14 +4479,12 @@ static int validate_url_encoding(const char* input, long int input_length) {
&& (((c2 >= '0')&&(c2 <= '9')) || ((c2 >= 'a')&&(c2 <= 'f')) || ((c2 >= 'A')&&(c2 <= 'F'))) ) && (((c2 >= '0')&&(c2 <= '9')) || ((c2 >= 'a')&&(c2 <= 'f')) || ((c2 >= 'A')&&(c2 <= 'F'))) )
{ {
i += 3; i += 3;
} } else {
else {
/* Non-hexadecimal characters used in encoding. */ /* Non-hexadecimal characters used in encoding. */
return -2; return -2;
} }
} }
} } else {
else {
i++; i++;
} }
} }