From dca642369ea007ebe256675e7cf056cc73c9398c Mon Sep 17 00:00:00 2001 From: Felipe Zimmerle Date: Mon, 26 Feb 2018 17:53:18 -0300 Subject: [PATCH] Fix on top of #1677 --- CHANGES | 2 +- src/operators/ip_match_from_file.cc | 2 +- src/utils/system.cc | 7 ++++++- test/test-cases/data/config_example-bad-op-include.txt | 2 +- 4 files changed, 9 insertions(+), 4 deletions(-) diff --git a/CHANGES b/CHANGES index 8a4572ef..17e1c0d6 100644 --- a/CHANGES +++ b/CHANGES @@ -8,7 +8,7 @@ v3.0.x - YYYY-MMM-DD (To be released) - Fix "make dist" target to include necessary headers for Lua [Issue #1678 - @defanator] - Fix "include /foo/*.conf" for single matched object in directory - [Issue #1677 - @defanator] + [Issue #1677 - @defanator, @zimmerle] - Add missing Base64 transformation statements to parser [Issue #1632 - @victorhora, @zimmerle] - Fixed resource load on ip match from file diff --git a/src/operators/ip_match_from_file.cc b/src/operators/ip_match_from_file.cc index 9dc1ee23..3984df5f 100644 --- a/src/operators/ip_match_from_file.cc +++ b/src/operators/ip_match_from_file.cc @@ -34,7 +34,7 @@ bool IpMatchFromFile::init(const std::string &file, if (m_param.compare(0, 8, "https://") == 0) { res = m_tree.addFromUrl(m_param, &e); } else { - std::string resf = utils::find_resource(m_param, file, error);\ + std::string resf = utils::find_resource(m_param, file, error); if (resf == "") { return false; } diff --git a/src/utils/system.cc b/src/utils/system.cc index a02d0aa9..466fcb38 100644 --- a/src/utils/system.cc +++ b/src/utils/system.cc @@ -123,7 +123,12 @@ std::list expandEnv(const std::string& var, int flags) { if (wordexp(var.c_str(), &p, flags) == false) { if (p.we_wordc) { for (char** exp = p.we_wordv; *exp; ++exp) { - vars.push_back(exp[0]); + std::ifstream *iss = new std::ifstream(exp[0], std::ios::in); + if (iss->is_open()) { + iss->close(); + delete iss; + vars.push_back(exp[0]); + } } } wordfree(&p); diff --git a/test/test-cases/data/config_example-bad-op-include.txt b/test/test-cases/data/config_example-bad-op-include.txt index 2b350248..2b94a533 100644 --- a/test/test-cases/data/config_example-bad-op-include.txt +++ b/test/test-cases/data/config_example-bad-op-include.txt @@ -1,2 +1,2 @@ SecRule ARGS "@contains config_example" "id:10,pass,t:trim" -SecRule ARGS "@missingOperator config_example" "id:11,pass,t:trim" +SecRule ARGS 123 "@missingOperator config_example" "id:11,pass,t:trim"