Accepts Suricata format on @pm operator

2025-09-29 19:24:29 +03:00 · 2015-08-04 11:45:33 -03:00
parent 95efb99a8c
commit d4dd9c86d4
3 changed files with 141 additions and 1 deletions
--- a/src/operators/pm.cc
+++ b/src/operators/pm.cc
@@ -22,6 +22,7 @@
 #include <vector>

 #include "operators/operator.h"
+#include "utils/acmp.h"

 namespace ModSecurity {
 namespace operators {
@@ -77,6 +78,11 @@ bool Pm::evaluate(Assay *assay, const std::string &input) {
 bool Pm::init(const char **error) {
    std::vector<std::string> vec;

+    char *content = parse_pm_content(param.c_str(), param.length(), error);
+    if (content == NULL) {
+        return false;
+    }
+
    std::istringstream iss(param);
    std::copy(std::istream_iterator<std::string>(iss),
        std::istream_iterator<std::string>(),