Added TX:LAST_MATCHED_VAR_NAME. See #123.

brectanus 2007-10-01 22:35:52 +00:00
parent e0e031d163
commit da1399f0b8
4 changed files with 49 additions and 5 deletions


@ -1,7 +1,10 @@
?? ??? 2007 - 2.5.0-dev3 01 Oct 2007 - 2.5.0-dev3
------------------------ ------------------------
* Used new TX:LAST_MATCHED_VAR_NAME to store the last matched variable name
so that it can be more easily used by rules.
* Fixed expansion of macros when using relative changes with setvar. In * Fixed expansion of macros when using relative changes with setvar. In
addition, added support for expanding macros in the variable name. addition, added support for expanding macros in the variable name.


@ -1335,6 +1335,8 @@ static int execute_operator(msre_var *var, msre_rule *rule, modsec_rec *msr,
else { else {
/* Match. */ /* Match. */
msc_string *s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string));
if (rc == 0) { if (rc == 0) {
/* Operator did not match so we need to provide a message. */ /* Operator did not match so we need to provide a message. */
my_error_msg = apr_psprintf(msr->mp, "Match of \"%s %s\" against \"%s\" required.", my_error_msg = apr_psprintf(msr->mp, "Match of \"%s %s\" against \"%s\" required.",
@ -1344,6 +1346,21 @@ static int execute_operator(msre_var *var, msre_rule *rule, modsec_rec *msr,
msr->matched_var = apr_pstrdup(msr->mp, var->name); msr->matched_var = apr_pstrdup(msr->mp, var->name);
if (s == NULL) {
msr_log(msr, 3, "Internal error: Failed to allocate space for TX.last_matched_var_name.");
}
else {
s->name = "last_matched_var_name";
s->value = apr_pstrdup(msr->mp, var->name);
s->value_len = strlen(var->name);
if ((s->name == NULL)||(s->value == NULL)) return -1;
apr_table_setn(msr->tx_vars, s->name, (void *)s);
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Added matched variable name to TX.%s: %s", s->name, var->name);
}
}
/* Keep track of the highest severity matched so far */ /* Keep track of the highest severity matched so far */
if ((acting_actionset->severity > 0) && (acting_actionset->severity < msr->highest_severity)) if ((acting_actionset->severity > 0) && (acting_actionset->severity < msr->highest_severity))
{ {
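Review bot: The new level-9 debug line logs `var->name` as-is, while the operator code touched elsewhere in this commit passes stored values through `log_escape_nq_ex` before logging. Variable names can carry request-derived text (for example collection member names), so unless `msr_log` escapes internally (not visible here) I would write `msr_log(msr, 9, "Added matched variable name to TX.%s: %s", s->name, log_escape_nq_ex(msr->mp, s->value, s->value_len));`. Separately, `strlen(var->name)` runs before the NULL test, and `s->name` is a string literal so that half of the test can never fire; testing `s->value == NULL` right after `apr_pstrdup` and only then setting `s->value_len` would make the guard meaningful. The `return -1` on that path also leaves an already-matched rule before the severity tracking below, which looks inconsistent with the log-and-continue handling of a failed `apr_pcalloc` just above, so it is worth confirming which behaviour is intended. execute_operator starts and ends outside the hunk.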


@ -142,7 +142,7 @@ static int msre_op_rx_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, c
if ((s->name == NULL)||(s->value == NULL)) return -1; if ((s->name == NULL)||(s->value == NULL)) return -1;
apr_table_setn(msr->tx_vars, s->name, (void *)s); apr_table_setn(msr->tx_vars, s->name, (void *)s);
if (msr->txcfg->debuglog_level >= 9) { if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Adding regex subexpression to TXVARS (%d): %s", i, msr_log(msr, 9, "Added regex subexpression to TX.%d: %s", i,
log_escape_nq_ex(msr->mp, s->value, s->value_len)); log_escape_nq_ex(msr->mp, s->value, s->value_len));
} }
} }
@ -346,7 +346,7 @@ static int msre_op_pm_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, c
apr_table_setn(msr->tx_vars, s->name, (void *)s); apr_table_setn(msr->tx_vars, s->name, (void *)s);
if (msr->txcfg->debuglog_level >= 9) { if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Adding phrase match to TXVARS (0): %s", msr_log(msr, 9, "Added phrase match to TX.0: %s",
log_escape_nq_ex(msr->mp, s->value, s->value_len)); log_escape_nq_ex(msr->mp, s->value, s->value_len));
} }


@ -3,7 +3,7 @@
<title>ModSecurity Reference Manual</title> <title>ModSecurity Reference Manual</title>
<articleinfo> <articleinfo>
<releaseinfo>Version 2.5.0-dev3 / (September 28, 2007)</releaseinfo> <releaseinfo>Version 2.5.0-dev3 / (October 1, 2007)</releaseinfo>
<copyright> <copyright>
<year>2004-2007</year> <year>2004-2007</year>
@ -2977,6 +2977,30 @@ SecAction setsid:%{REQUEST_COOKIES.PHPSESSID}</programlisting>
this this request and then it will decided whether or not to allow/deny this this request and then it will decided whether or not to allow/deny
the request through.</para> the request through.</para>
<para>The following is a list of reserved names in the TX
collection:</para>
<itemizedlist>
<listitem>
<para><literal moreinfo="none">TX:0</literal> - The matching value
when using the <literal moreinfo="none">@rx</literal> or <literal
moreinfo="none">@pm</literal> operator with the <literal
moreinfo="none">capture</literal> action.</para>
</listitem>
<listitem>
<para><literal moreinfo="none">TX:1-TX:9</literal> - The captured
subexpression value when using the <literal
moreinfo="none">@rx</literal> operator with capturing parens and the
<literal moreinfo="none">capture</literal> action.</para>
</listitem>
<listitem>
<para><literal moreinfo="none">TX:LAST_MATCHED_VAR_NAME</literal> -
The full name of the variable that was matched against.</para>
</listitem>
</itemizedlist>
<programlisting format="linespecific">SecRule WEBSERVER_ERROR_LOG "does not exist" "phase:5,pass,<emphasis <programlisting format="linespecific">SecRule WEBSERVER_ERROR_LOG "does not exist" "phase:5,pass,<emphasis
role="bold">setvar:tx.score=+5</emphasis>" role="bold">setvar:tx.score=+5</emphasis>"
SecRule<emphasis role="bold"> TX:SCORE</emphasis> "@gt 20" deny,log</programlisting> SecRule<emphasis role="bold"> TX:SCORE</emphasis> "@gt 20" deny,log</programlisting>
@ -5028,4 +5052,4 @@ SecRule REQUEST_METHOD "!<emphasis role="bold">@within %{tx.allowed_methods}</em
</section> </section>
</section> </section>
</section> </section>
</article> </article>