Marc Stern 2024-05-16 16:55:31 +02:00
parent ca7b4b49bf
commit d45c4baa83


@ -306,14 +306,12 @@ static char* param_remove_escape(msre_rule* rule, char* str, int len) {
for(;*str!='\0';str++) {
if(*str != '\\') {
*parm++ = *str;
}
else {
} else {
str++;
if(*str != '/') {
str--;
*parm++ = *str;
}
else {
} else {
*parm++ = *str;
}
}
@ -451,8 +449,7 @@ static int msre_op_rsub_param_init(msre_rule* rule, char** error_msg) {
(ignore_case ? REG_ICASE : 0));
#endif
rule->sub_regex = regex;
}
else {
} else {
rule->re_precomp = 1;
rule->re_str = apr_pstrndup(rule->ruleset->mp, pattern, strlen(pattern));
rule->sub_regex = NULL;
@ -504,11 +501,9 @@ static int msre_op_rsub_execute(modsec_rec* msr, msre_rule* rule, msre_var* var,
if(strcmp(var->name,"STREAM_OUTPUT_BODY") == 0 ) {
output_body = 1;
}
else if (strcmp(var->name, "STREAM_INPUT_BODY") == 0) {
} else if(strcmp(var->name,"STREAM_INPUT_BODY") == 0 ) {
input_body = 1;
}
else {
} else {
msr_log(msr,9,"Operator rsub only works with STREAM_* variables");
return -1;
}
@ -529,16 +524,14 @@ static int msre_op_rsub_execute(modsec_rec* msr, msre_rule* rule, msre_var* var,
#else
rule->sub_regex = ap_pregcomp(msr->mp, pattern, REG_EXTENDED);
#endif
}
else {
} else {
#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 0
rule->sub_regex = ap_pregcomp(msr->mp, re_pattern->value, AP_REG_EXTENDED);
#else
rule->sub_regex = ap_pregcomp(msr->mp, re_pattern->value, REG_EXTENDED);
#endif
}
}
else {
} else {
rule->sub_regex = NULL;
}
@ -597,8 +590,7 @@ nextround:
data_out+= capture_len;
size+=capture_len;
i+=2;
}
else {
} else {
if (size+1>maxsize) {
maxsize*=2;
@ -751,8 +743,7 @@ static int msre_op_validateHash_param_init(msre_rule* rule, char** error_msg) {
#endif
rule->op_param_data = regex;
}
else {
} else {
rule->re_precomp = 1;
rule->re_str = apr_pstrndup(rule->ruleset->mp, pattern, strlen(pattern));
rule->op_param_data = NULL;
@ -806,8 +797,7 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v
if(rule->re_precomp == 0) {
*error_msg = "Internal Error: regex data is null.";
return -1;
}
else {
} else {
if(re_pattern == NULL) {
*error_msg = "Internal Error: regex variable data is null.";
@ -869,8 +859,7 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v
if (var->value == NULL) {
target = "";
target_length = 0;
}
else {
} else {
target = var->value;
target_length = var->value_len;
}
@ -926,8 +915,7 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v
if (strlen(pattern) > 252) {
*error_msg = apr_psprintf(msr->mp, "Request URI matched \"%.252s ...\" at %s.",
pattern, var->name);
}
else {
} else {
*error_msg = apr_psprintf(msr->mp, "Request URI matched \"%s\" at %s.",
pattern, var->name);
}
@ -942,14 +930,12 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v
if (strlen(pattern) > 252) {
*error_msg = apr_psprintf(msr->mp, "Request URI matched \"%.252s ...\" at %s. No Hash parameter",
pattern, var->name);
}
else {
} else {
*error_msg = apr_psprintf(msr->mp, "Request URI matched \"%s\" at %s. No Hash parameter",
pattern, var->name);
}
return 1;
}
else {
} else {
if(strlen(valid) < strlen(msr->txcfg->crypto_param_name)+1)
return 1;
@ -967,8 +953,7 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v
if (strlen(pattern) > 252) {
*error_msg = apr_psprintf(msr->mp, "Request URI matched \"%.252s ...\" at %s. Hash parameter hash value = [%s] Requested URI hash value = [%s]",
pattern, var->name, hmac, hash_link);
}
else {
} else {
*error_msg = apr_psprintf(msr->mp, "Request URI matched \"%s\" at %s. Hash parameter hash value = [%s] Requested URI hash value = [%s]",
pattern, var->name, hmac, hash_link);
}
@ -1033,8 +1018,7 @@ static int msre_op_rx_param_init(msre_rule * rule, char** error_msg) {
#endif
rule->op_param_data = regex;
}
else {
} else {
rule->re_precomp = 1;
rule->re_str = apr_pstrndup(rule->ruleset->mp, pattern, strlen(pattern));
rule->op_param_data = NULL;
@ -1085,8 +1069,7 @@ static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var
if(rule->re_precomp == 0) {
*error_msg = "Internal Error: regex data is null.";
return -1;
}
else {
} else {
if(re_pattern == NULL) {
*error_msg = "Internal Error: regex variable data is null.";
@ -1149,8 +1132,7 @@ static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var
if (var->value == NULL) {
target = "";
target_length = 0;
}
else {
} else {
target = var->value;
target_length = var->value_len;
}
@ -1265,8 +1247,7 @@ static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var
mparm->pad_1 = rule->actionset->arg_min;
mparm->pad_2 = rule->actionset->arg_max;
apr_table_addn(msr->pattern_to_sanitize, parm, (void *)mparm);
}
else {
} else {
mparm = apr_palloc(msr->mp, sizeof(msc_parm));
if (mparm == NULL)
continue;
@ -1295,8 +1276,7 @@ static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var
if (strlen(pattern) > 252) {
*error_msg = apr_psprintf(msr->mp, "Pattern match \"%.252s ...\" at %s.",
pattern, var->name);
}
else {
} else {
*error_msg = apr_psprintf(msr->mp, "Pattern match \"%s\" at %s.",
pattern, var->name);
}
@ -1547,8 +1527,7 @@ static int msre_op_pm_execute(modsec_rec * msr, msre_rule * rule, msre_var * var
if (strlen(match_escaped) > 252) {
*error_msg = apr_psprintf(msr->mp, "Matched phrase \"%.252s ...\" at %s.",
match_escaped, var->name);
}
else {
} else {
*error_msg = apr_psprintf(msr->mp, "Matched phrase \"%s\" at %s.",
match_escaped, var->name);
}
@ -2232,8 +2211,7 @@ static int msre_op_contains_execute(modsec_rec * msr, msre_rule * rule, msre_var
if (var->value == NULL) {
target = "";
target_length = 0;
}
else {
} else {
target = var->value;
target_length = var->value_len;
}
@ -2305,8 +2283,7 @@ static int msre_op_detectSQLi_execute(modsec_rec * msr, msre_rule * rule, msre_v
fingerprint,
log_escape_ex(msr->mp, var->value, var->value_len));
}
}
else {
} else {
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "ISSQL: not sqli, no libinjection sqli fingerprint matched input '%s'",
log_escape_ex(msr->mp, var->value, var->value_len));
@ -2338,8 +2315,7 @@ static int msre_op_detectXSS_execute(modsec_rec * msr, msre_rule * rule, msre_va
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "IS_XSS: libinjection detected XSS.");
}
}
else {
} else {
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "IS_XSS: not XSS, libinjection was not able to find any XSS.");
}
@ -2390,8 +2366,7 @@ static int msre_op_containsWord_execute(modsec_rec * msr, msre_rule * rule, msre
if (var->value == NULL) {
target = "";
target_length = 0;
}
else {
} else {
target = var->value;
target_length = var->value_len;
}
@ -2490,8 +2465,7 @@ static int msre_op_streq_execute(modsec_rec * msr, msre_rule * rule, msre_var *
if (var->value == NULL) {
target = "";
target_length = 0;
}
else {
} else {
target = var->value;
target_length = var->value_len;
}
@ -2554,8 +2528,7 @@ static int msre_op_beginsWith_execute(modsec_rec * msr, msre_rule * rule, msre_v
if (var->value == NULL) {
target = "";
target_length = 0;
}
else {
} else {
target = var->value;
target_length = var->value_len;
}
@ -2622,8 +2595,7 @@ static int msre_op_endsWith_execute(modsec_rec * msr, msre_rule * rule, msre_var
if (var->value == NULL) {
target = "";
target_length = 0;
}
else {
} else {
target = var->value;
target_length = var->value_len;
}
@ -2708,8 +2680,7 @@ static int msre_op_strmatch_execute(modsec_rec * msr, msre_rule * rule, msre_var
if (var->value == NULL) {
target = "";
target_length = 0;
}
else {
} else {
target = var->value;
target_length = var->value_len;
}
@ -3017,8 +2988,7 @@ static int msre_op_verifyCC_execute(modsec_rec * msr, msre_rule * rule, msre_var
if (var->value == NULL) {
target = "";
target_length = 0;
}
else {
} else {
target = var->value;
target_length = var->value_len;
}
@ -3110,8 +3080,7 @@ static int msre_op_verifyCC_execute(modsec_rec * msr, msre_rule * rule, msre_var
mparm->pad_1 = rule->actionset->arg_min;
mparm->pad_2 = rule->actionset->arg_max;
apr_table_addn(msr->pattern_to_sanitize, parm, (void *)mparm);
}
else {
} else {
mparm = apr_palloc(msr->mp, sizeof(msc_parm));
if (mparm == NULL)
continue;
@ -3213,8 +3182,7 @@ static int cpf_verify(const char* cpfnumber, int len) {
if(factor < 2) {
cpf[9] = 0;
}
else {
} else {
cpf[9] = cpf_len-factor;
}
@ -3228,8 +3196,7 @@ static int cpf_verify(const char* cpfnumber, int len) {
if(factor < 2) {
cpf[10] = 0;
}
else {
} else {
cpf[10] = cpf_len-factor;
}
@ -3353,8 +3320,7 @@ static int msre_op_verifyCPF_execute(modsec_rec * msr, msre_rule * rule, msre_va
if (var->value == NULL) {
target = "";
target_length = 0;
}
else {
} else {
target = var->value;
target_length = var->value_len;
}
@ -3676,8 +3642,7 @@ static int msre_op_verifySSN_execute(modsec_rec * msr, msre_rule * rule, msre_va
if (var->value == NULL) {
target = "";
target_length = 0;
}
else {
} else {
target = var->value;
target_length = var->value_len;
}
@ -3769,8 +3734,7 @@ static int msre_op_verifySSN_execute(modsec_rec * msr, msre_rule * rule, msre_va
mparm->pad_1 = rule->actionset->arg_min;
mparm->pad_2 = rule->actionset->arg_max;
apr_table_addn(msr->pattern_to_sanitize, parm, (void *)mparm);
}
else {
} else {
mparm = apr_palloc(msr->mp, sizeof(msc_parm));
if (mparm == NULL)
continue;
@ -3977,17 +3941,14 @@ static int msre_op_rbl_execute(modsec_rec * msr, msre_rule * rule, msre_var * va
msr_log(msr, 4, "RBL httpBl called but no key defined: set SecHttpBlKey");
}
*error_msg = "RBL httpBl called but no key defined: set SecHttpBlKey";
}
else {
} else {
name_to_check = apr_psprintf(msr->mp, "%s.%d.%d.%d.%d.%s", msr->txcfg->httpBlkey, h3, h2, h1, h0, rule->op_param);
}
}
else {
} else {
/* regular IPv4 RBLs */
name_to_check = apr_psprintf(msr->mp, "%d.%d.%d.%d.%s", h3, h2, h1, h0, rule->op_param);
}
}
else {
} else {
/* Assume the input is a domain name. */
name_to_check = apr_psprintf(msr->mp, "%s.%s", target, rule->op_param);
}
@ -4033,8 +3994,7 @@ static int msre_op_rbl_execute(modsec_rec * msr, msre_rule * rule, msre_var * va
set_match_to_tx(msr, capture, *error_msg, 0);
}
else
} else
if(strstr(rule->op_param,"spamhaus.org")) {
switch(high8bits) {
@ -4063,8 +4023,7 @@ static int msre_op_rbl_execute(modsec_rec * msr, msre_rule * rule, msre_var * va
set_match_to_tx(msr, capture, *error_msg, 0);
}
else
} else
if(strstr(rule->op_param,"httpbl.org")) {
char *respBl;
int first, days, score, type;
@ -4072,8 +4031,7 @@ static int msre_op_rbl_execute(modsec_rec * msr, msre_rule * rule, msre_var * va
respBl = inet_ntoa(sa->sa.sin.sin_addr);
if (sscanf(respBl, "%d.%d.%d.%d", &first, &days, &score, &type) != 4) {
*error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s failed: bad response", log_escape_nq(msr->mp, name_to_check));
}
else {
} else {
if (first != 127) {
*error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s failed: bad response", log_escape_nq(msr->mp, name_to_check));
}
@ -4114,8 +4072,7 @@ static int msre_op_rbl_execute(modsec_rec * msr, msre_rule * rule, msre_var * va
}
set_match_to_tx(msr, capture, *error_msg, 0);
/* end of httpBl code */
}
else {
} else {
*error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s.",
log_escape_nq(msr->mp, name_to_check), var->name);
@ -4211,8 +4168,7 @@ static int msre_op_fuzzy_hash_init(msre_rule * rule, char** error_msg)
if (param_data->head == NULL) {
param_data->head = chunk;
}
else {
} else {
t = param_data->head;
while (t->next) {
@ -4428,8 +4384,7 @@ static int msre_op_validateByteRange_init(msre_rule * rule, char** error_msg) {
return 0;
}
table[x>>3] = (table[x>>3] | (1 << (x & 0x7)));
}
else {
} else {
/* Range. */
int start = atoi(p);
int end = atoi(s + 1);
@ -4524,14 +4479,12 @@ static int validate_url_encoding(const char* input, long int input_length) {
&& (((c2 >= '0')&&(c2 <= '9')) || ((c2 >= 'a')&&(c2 <= 'f')) || ((c2 >= 'A')&&(c2 <= 'F'))) )
{
i += 3;
}
else {
} else {
/* Non-hexadecimal characters used in encoding. */
return -2;
}
}
}
else {
} else {
i++;
}
}
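Review bot: The two joins in msre_op_rbl_execute (the hunks at old lines 4033 and 4063) stop halfway: they produce `} else` with `if(strstr(rule->op_param,...)) {` left on the following line, whereas the rsub hunk at old line 504 writes the same construct as `} else if(...) {`. A bare `} else` at the end of a line reads like an else without a body, and the chain becomes easy to misread if a statement is later inserted between the two lines. Since this chain selects how an RBL response is interpreted, I would finish the reformat as `} else if(strstr(rule->op_param,"spamhaus.org")) {` and `} else if(strstr(rule->op_param,"httpbl.org")) {`. The rest of the change is brace placement only, and the function body continues outside these hunks, so this is based on the visible lines alone.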