github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 13:26:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Using shared var for variables names

Browse Source
This commit is contained in:
Felipe Zimmerle 2018-02-02 15:41:13 -03:00
parent 6f7fdd9493
commit de7c5c89bb
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
21 changed files with 183 additions and 187 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
headers/modsecurity/collection/collection.h
View File

@ -40,6 +40,7 @@ namespace collection {
class Collection {
public:
Collection(std::string a) : m_name(a) { }
virtual ~Collection() { }
virtual void store(std::string key, std::string value) = 0;

36
headers/modsecurity/collection/variable.h
View File

@ -35,28 +35,60 @@ typedef struct Variable_t Variable;
namespace modsecurity {
namespace collection {
class Collection;
class Variable {
public:
explicit Variable(const std::string *key) :
m_key(""),
m_value("") {
m_key.assign(*key);
m_keyWithCollection = std::make_shared<std::string>(*key);
}
Variable(const std::string *key, const std::string *value) :
m_key(""),
m_value("") {
m_key.assign(*key);
m_value.assign(*value);
m_keyWithCollection = std::make_shared<std::string>(*key);
}
Variable() :
m_key(""),
m_value("") { }
m_value("") {
m_keyWithCollection = std::make_shared<std::string>(m_key);
}
Variable(const std::string *a, const std::string *b, const std::string *c) :
m_key(*a + ":" + *b),
m_value(*c) {
m_keyWithCollection = std::make_shared<std::string>(*a + ":" + *b);
}
Variable(std::shared_ptr<std::string> fullName) :
m_key(""),
m_value("") {
m_keyWithCollection = fullName;
m_key.assign(*fullName.get());
}
Variable(std::shared_ptr<std::string> fullName, const std::string *value) :
m_key(""),
m_value("") {
m_value.assign(*value);
m_keyWithCollection = fullName;
m_key.assign(*fullName.get());
}
explicit Variable(const Variable *o) :
m_key(""),
m_value("") {
m_key.assign(o->m_key);
m_value.assign(o->m_value);
m_col.assign(o->m_col);
m_keyWithCollection = o->m_keyWithCollection;
for (auto &i : o->m_orign) {
std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
origin->m_offset = i->m_offset;
@ -67,6 +99,8 @@ class Variable {
std::string m_key;
std::string m_value;
std::string m_col;
std::shared_ptr<std::string> m_keyWithCollection;
std::list<std::unique_ptr<VariableOrigin>> m_orign;
};

8
src/anchored_set_variable.cc
View File

@ -53,10 +53,8 @@ void AnchoredSetVariable::set(const std::string &key,
const std::string &value, size_t offset, size_t len) {
std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
std::string *v = new std::string(value);
std::string *k = new std::string(m_name + ":" + key);
collection::Variable *var = new collection::Variable(k, v);
collection::Variable *var = new collection::Variable(std::make_shared<std::string>(m_name + ":" + key), v);
delete v;
delete k;
origin->m_offset = offset;
origin->m_length = len;
@ -70,10 +68,8 @@ void AnchoredSetVariable::set(const std::string &key,
const std::string &value, size_t offset) {
std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
std::string *v = new std::string(value);
std::string *k = new std::string(m_name + ":" + key);
collection::Variable *var = new collection::Variable(k, v);
collection::Variable *var = new collection::Variable(std::make_shared<std::string>(m_name + ":" + key), v);
delete v;
delete k;
origin->m_offset = offset;
origin->m_length = value.size();

87
src/collection/backend/in_memory-per_process.cc
View File

@ -36,7 +36,8 @@ namespace collection {
namespace backend {
InMemoryPerProcess::InMemoryPerProcess() {
InMemoryPerProcess::InMemoryPerProcess(std::string name) :
Collection(name) {
this->reserve(1000);
pthread_mutex_init(&m_lock, NULL);
}
@ -89,7 +90,7 @@ void InMemoryPerProcess::resolveSingleMatch(const std::string& var,
auto range = this->equal_range(var);
for (auto it = range.first; it != range.second; ++it) {
l->push_back(new Variable(&it->first, &it->second));
l->push_back(new Variable(&m_name, &it->first, &it->second));
}
}
@ -99,33 +100,15 @@ void InMemoryPerProcess::resolveMultiMatches(const std::string& var,
size_t keySize = var.size();
l->reserve(15);
auto range = this->equal_range(var);
for (auto it = range.first; it != range.second; ++it) {
l->insert(l->begin(), new Variable(&var, &it->second));
}
for (const auto& x : *this) {
bool diff = false;
if (x.first.size() <= keySize + 1) {
continue;
if (keySize == 0) {
for (auto &i : *this) {
l->insert(l->begin(), new Variable(&m_name, &i.first, &i.second));
}
if (x.first.at(keySize) != ':') {
continue;
} else {
auto range = this->equal_range(var);
for (auto it = range.first; it != range.second; ++it) {
l->insert(l->begin(), new Variable(&m_name, &var, &it->second));
}
for (int i = 0; i < keySize && diff == false; i++) {
if (std::tolower(x.first.at(i)) != std::tolower(var.at(i))) {
diff = true;
}
}
if (diff == true) {
continue;
}
l->insert(l->begin(), new Variable(&x.first, &x.second));
}
}
@ -133,36 +116,37 @@ void InMemoryPerProcess::resolveMultiMatches(const std::string& var,
void InMemoryPerProcess::resolveRegularExpression(const std::string& var,
std::vector<const Variable *> *l) {
if (var.find(":") == std::string::npos) {
return;
}
if (var.size() < var.find(":") + 3) {
return;
}
std::string col = std::string(var, 0, var.find(":"));
std::string name = std::string(var, var.find(":") + 2,
var.size() - var.find(":") - 3);
size_t keySize = col.size();
Utils::Regex r = Utils::Regex(name);
//if (var.find(":") == std::string::npos) {
// return;
//}
//if (var.size() < var.find(":") + 3) {
// return;
//}
//std::string col = std::string(var, 0, var.find(":"));
//std::string name = std::string(var, var.find(":") + 2,
// var.size() - var.find(":") - 3);
//size_t keySize = col.size();
Utils::Regex r = Utils::Regex(var);
for (const auto& x : *this) {
if (x.first.size() <= keySize + 1) {
continue;
}
if (x.first.at(keySize) != ':') {
continue;
}
if (std::string(x.first, 0, keySize) != col) {
continue;
}
std::string content = std::string(x.first, keySize + 1,
x.first.size() - keySize - 1);
int ret = Utils::regex_search(content, r);
//if (x.first.size() <= keySize + 1) {
// continue;
//}
//if (x.first.at(keySize) != ':') {
// continue;
//}
//if (std::string(x.first, 0, keySize) != col) {
// continue;
//}
//std::string content = std::string(x.first, keySize + 1,
// x.first.size() - keySize - 1);
int ret = Utils::regex_search(x.first, r);
if (ret <= 0) {
continue;
}
l->insert(l->begin(), new Variable(&x.first, &x.second));
l->insert(l->begin(), new Variable(&m_name, &x.first, &x.second));
}
}
@ -170,7 +154,6 @@ void InMemoryPerProcess::resolveRegularExpression(const std::string& var,
std::unique_ptr<std::string> InMemoryPerProcess::resolveFirst(
const std::string& var) {
auto range = equal_range(var);
for (auto it = range.first; it != range.second; ++it) {
return std::unique_ptr<std::string>(new std::string(it->second));
}

2
src/collection/backend/in_memory-per_process.h
View File

@ -71,7 +71,7 @@ class InMemoryPerProcess :
/*std::hash<std::string>*/MyHash, MyEqual>,
public Collection {
public:
InMemoryPerProcess();
InMemoryPerProcess(std::string name);
~InMemoryPerProcess();
void store(std::string key, std::string value) override;

3
src/collection/collections.cc
View File

@ -44,7 +44,8 @@ Collections::Collections(Collection *global,
m_ip_collection(ip),
m_session_collection(session),
m_user_collection(user),
m_tx_collection(new backend::InMemoryPerProcess()) { }
m_tx_collection(new backend::InMemoryPerProcess("TX")) {
}
Collections::~Collections() { }

10
src/modsecurity.cc
View File

@ -66,11 +66,11 @@ ModSecurity::ModSecurity()
m_session_collection(new collection::backend::LMDB()),
m_user_collection(new collection::backend::LMDB()),
#else
m_global_collection(new collection::backend::InMemoryPerProcess()),
m_resource_collection(new collection::backend::InMemoryPerProcess()),
m_ip_collection(new collection::backend::InMemoryPerProcess()),
m_session_collection(new collection::backend::InMemoryPerProcess()),
m_user_collection(new collection::backend::InMemoryPerProcess()),
m_global_collection(new collection::backend::InMemoryPerProcess("GLOBAL")),
m_ip_collection(new collection::backend::InMemoryPerProcess("IP")),
m_resource_collection(new collection::backend::InMemoryPerProcess("RESOURCE")),
m_session_collection(new collection::backend::InMemoryPerProcess("SESSION")),
m_user_collection(new collection::backend::InMemoryPerProcess("USER")),
#endif
m_logCb(NULL) {
UniqueId::uniqueId();

2
src/operators/pm.cc
View File

@ -105,7 +105,7 @@ bool Pm::evaluate(Transaction *transaction, Rule *rule,
}
if (capture && transaction && rc) {
transaction->m_collections.m_tx_collection->storeOrUpdateFirst("TX:0",
transaction->m_collections.m_tx_collection->storeOrUpdateFirst("0",
std::string(match));
#ifndef NO_LOGS
transaction->debug(7, "Added pm match TX.0: " + \

2
src/operators/rx.cc
View File

@ -59,7 +59,7 @@ bool Rx::evaluate(Transaction *transaction, Rule *rule,
matches.reverse();
for (const SMatch& a : matches) {
transaction->m_collections.m_tx_collection->storeOrUpdateFirst(
"TX:" + std::to_string(i), a.match);
std::to_string(i), a.match);
#ifndef NO_LOGS
transaction->debug(7, "Added regex subexpression TX." +
std::to_string(i) + ": " + a.match);

7
src/variables/env.cc
View File

@ -43,16 +43,15 @@ void Env::evaluate(Transaction *transaction,
}
std::string key = std::string(env, 0, pos);
std::string value = std::string(env, pos+1, env.length() - (pos + 1));
std::pair<std::string, std::string> a("ENV:" + key, value);
std::pair<std::string, std::string> a(key, value);
transaction->m_variableEnvs.insert(a);
}
for (auto& x : transaction->m_variableEnvs) {
if ((x.first.substr(0, m_name.size() + 1).compare(m_name + ":") != 0)
&& (x.first != m_name)) {
if (x.first != m_name && m_name.length() > 0) {
continue;
}
l->push_back(new collection::Variable(&x.first, &x.second));
l->push_back(new collection::Variable(&m_collectionName, &x.first, &x.second));
}
}

8
src/variables/global.h
View File

@ -35,7 +35,7 @@ class Global_DictElement : public Variable {
public:
explicit Global_DictElement(std::string dictElement)
: Variable("GLOBAL"),
m_dictElement("GLOBAL:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@ -67,7 +67,7 @@ class Global_DictElementRegexp : public Variable {
explicit Global_DictElementRegexp(std::string dictElement)
: Variable("GLOBAL:regex(" + dictElement + ")"),
m_r(dictElement),
m_dictElement("GLOBAL:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@ -92,7 +92,7 @@ class Global_DynamicElement : public Variable {
std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(t);
t->m_collections.m_global_collection->resolveMultiMatches(
"GLOBAL:" + string, t->m_collections.m_global_collection_key, l);
string, t->m_collections.m_global_collection_key, l);
}
@ -104,7 +104,7 @@ class Global_DynamicElement : public Variable {
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_global_collection->storeOrUpdateFirst(
"GLOBAL:" + var, t->m_collections.m_global_collection_key, value);
var, t->m_collections.m_global_collection_key, value);
}
std::unique_ptr<RunTimeString> m_string;

2
src/variables/highest_severity.cc
View File

@ -31,7 +31,7 @@ void HighestSeverity::evaluate(Transaction *transaction,
std::vector<const collection::Variable *> *l) {
transaction->m_variableHighestSeverityAction.assign(
std::to_string(transaction->m_highestSeverityAction));
l->push_back(new collection::Variable(&m_retName,
l->push_back(new collection::Variable(m_fullName,
&transaction->m_variableHighestSeverityAction));
}

2
src/variables/ip.h
View File

@ -104,7 +104,7 @@ class Ip_DynamicElement : public Variable {
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_ip_collection->storeOrUpdateFirst(
"IP:" + var, t->m_collections.m_ip_collection_key, value);
var, t->m_collections.m_ip_collection_key, value);
}
std::unique_ptr<RunTimeString> m_string;

8
src/variables/resource.h
View File

@ -35,7 +35,7 @@ class Resource_DictElement : public Variable {
public:
explicit Resource_DictElement(std::string dictElement)
: Variable("RESOURCE:" + dictElement),
m_dictElement("RESOURCE:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@ -69,7 +69,7 @@ class Resource_DictElementRegexp : public Variable {
explicit Resource_DictElementRegexp(std::string dictElement)
: Variable("RESOURCE:regex(" + dictElement + ")"),
m_r(dictElement),
m_dictElement("RESOURCE:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@ -95,7 +95,7 @@ class Resource_DynamicElement : public Variable {
std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(t);
t->m_collections.m_resource_collection->resolveMultiMatches(
"RESOURCE:" + string,
string,
t->m_collections.m_resource_collection_key,
t->m_rules->m_secWebAppId.m_value, l);
}
@ -108,7 +108,7 @@ class Resource_DynamicElement : public Variable {
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_resource_collection->storeOrUpdateFirst(
"RESOURCE:" + var,
var,
t->m_collections.m_resource_collection_key,
t->m_rules->m_secWebAppId.m_value, value);
}

10
src/variables/session.h
View File

@ -35,7 +35,7 @@ class Session_DictElement : public Variable {
public:
explicit Session_DictElement(std::string dictElement)
: Variable("SESSION"),
m_dictElement("SESSION:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@ -67,9 +67,9 @@ class Session_NoDictElement : public Variable {
class Session_DictElementRegexp : public Variable {
public:
explicit Session_DictElementRegexp(std::string dictElement)
: Variable("SESSION"),
: Variable("SESSION:regex(" + dictElement + ")"),
m_r(dictElement),
m_dictElement("SESSION:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@ -95,7 +95,7 @@ class Session_DynamicElement : public Variable {
std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(t);
t->m_collections.m_session_collection->resolveMultiMatches(
"SESSION:" + string,
string,
t->m_collections.m_session_collection_key, l);
}
@ -107,7 +107,7 @@ class Session_DynamicElement : public Variable {
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_session_collection->storeOrUpdateFirst(
"SESSION:" + var, t->m_collections.m_session_collection_key,
var, t->m_collections.m_session_collection_key,
value);
}

14
src/variables/tx.h
View File

@ -35,7 +35,7 @@ class Tx_DictElement : public Variable {
public:
explicit Tx_DictElement(std::string dictElement)
: Variable("TX:" + dictElement),
m_dictElement("TX:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@ -56,7 +56,7 @@ class Tx_NoDictElement : public Variable {
void evaluate(Transaction *t,
Rule *rule,
std::vector<const collection::Variable *> *l) override {
t->m_collections.m_tx_collection->resolveMultiMatches(m_name, l);
t->m_collections.m_tx_collection->resolveMultiMatches("", l);
}
};
@ -64,9 +64,9 @@ class Tx_NoDictElement : public Variable {
class Tx_DictElementRegexp : public Variable {
public:
explicit Tx_DictElementRegexp(std::string dictElement)
: Variable("TX"),
: Variable("TX:regex(" + dictElement + ")"),
m_r(dictElement),
m_dictElement("TX:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@ -90,8 +90,7 @@ class Tx_DynamicElement : public Variable {
Rule *rule,
std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(t);
t->m_collections.m_tx_collection->resolveMultiMatches(
"TX:" + string, l);
t->m_collections.m_tx_collection->resolveMultiMatches(string, l);
}
void del(Transaction *t, std::string k) {
@ -100,8 +99,7 @@ class Tx_DynamicElement : public Variable {
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_tx_collection->storeOrUpdateFirst(
"TX:" + var, value);
t->m_collections.m_tx_collection->storeOrUpdateFirst(var, value);
}
std::unique_ptr<RunTimeString> m_string;

10
src/variables/user.h
View File

@ -35,7 +35,7 @@ class User_DictElement : public Variable {
public:
explicit User_DictElement(std::string dictElement)
: Variable("USER"),
m_dictElement("USER:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@ -67,9 +67,9 @@ class User_NoDictElement : public Variable {
class User_DictElementRegexp : public Variable {
public:
explicit User_DictElementRegexp(std::string dictElement)
: Variable("USER"),
: Variable("USER:regex(" + dictElement + ")"),
m_r(dictElement),
m_dictElement("USER:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@ -95,7 +95,7 @@ class User_DynamicElement : public Variable {
std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(t);
t->m_collections.m_user_collection->resolveMultiMatches(
"USER:" + string, t->m_collections.m_user_collection_key, l);
string, t->m_collections.m_user_collection_key, l);
}
void del(Transaction *t, std::string k) {
@ -106,7 +106,7 @@ class User_DynamicElement : public Variable {
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_user_collection->storeOrUpdateFirst(
"USER:" + var, t->m_collections.m_user_collection_key,
var, t->m_collections.m_user_collection_key,
value);
}

100
src/variables/variable.cc
View File

@ -33,47 +33,18 @@ Variable::Variable(std::string name)
m_collectionName(""),
m_isExclusion(false),
m_isCount(false) {
if (m_name.find(":") != std::string::npos) {
std::string col = utils::string::toupper(
std::string(m_name, 0, m_name.find(":")));
std::string name = std::string(m_name, m_name.find(":") + 1,
m_name.size());
if (col == "TX" || col == "IP" || col == "GLOBAL"
|| col == "RESOURCE" || col == "SESSION" || col == "USER") {
m_collectionName = col;
}
if ((name.at(0) == '\\') || (name.at(0) == '/')) {
m_type = RegularExpression;
} else {
m_type = SingleMatch;
}
} else {
m_type = MultipleMatches;
size_t a = m_name.find(":");
if (a == std::string::npos) {
a = m_name.find(".");
}
if (utils::string::tolower(m_name) == "tx") {
m_collectionName = "TX";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "ip") {
m_collectionName = "IP";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "global") {
m_collectionName = "GLOBAL";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "resource") {
m_collectionName = "RESOURCE";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "session") {
m_collectionName = "SESSION";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "user") {
m_collectionName = "USER";
m_type = MultipleMatches;
} else if (m_name.find(".") != std::string::npos) {
m_kind = CollectionVarible;
m_collectionName = std::string(m_name, 0, m_name.find("."));
if (a != std::string::npos) {
m_collectionName = utils::string::toupper(std::string(m_name, 0, a));
m_name = std::string(m_name, a + 1, m_name.size());
m_fullName = std::make_shared<std::string>(m_collectionName + ":" + m_name);
} else {
m_kind = DirectVariable;
m_fullName = std::make_shared<std::string>(m_name);
m_collectionName = m_name;
m_name = "";
}
}
@ -84,42 +55,18 @@ Variable::Variable(std::string name, VariableKind kind)
m_kind(kind),
m_isExclusion(false),
m_isCount(false) {
if (m_name.find(":") != std::string::npos) {
std::string col = utils::string::toupper(
std::string(m_name, 0, m_name.find(":")));
std::string name = std::string(m_name, m_name.find(":") + 1,
m_name.size());
if (col == "TX" || col == "IP" || col == "GLOBAL"
|| col == "RESOURCE" || col == "SESSION") {
m_collectionName = col;
}
if ((name.at(0) == '\\') || (name.at(0) == '/')) {
m_type = RegularExpression;
} else {
m_type = SingleMatch;
}
size_t a = m_name.find(":");
if (a == std::string::npos) {
a = m_name.find(".");
}
if (a != std::string::npos) {
m_collectionName = utils::string::toupper(std::string(m_name, 0, a));
m_name = std::string(m_name, a + 1, m_name.size());
m_fullName = std::make_shared<std::string>(m_collectionName + ":" + m_name);
} else {
m_type = MultipleMatches;
m_fullName = std::make_shared<std::string>(m_name);
}
if (utils::string::tolower(m_name) == "tx") {
m_collectionName = "TX";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "ip") {
m_collectionName = "IP";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "global") {
m_collectionName = "GLOBAL";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "resource") {
m_collectionName = "RESOURCE";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "session") {
m_collectionName = "SESSION";
m_type = MultipleMatches;
} else if (m_name.find(".") != std::string::npos) {
m_collectionName = std::string(m_name, 0, m_name.find("."));
}
}
@ -128,22 +75,21 @@ std::string Variable::to_s(
std::string ret;
std::string except("");
for (int i = 0; i < variables->size() ; i++) {
std::string name = variables->at(i)->m_name;
VariableModificatorExclusion *e =
dynamic_cast<VariableModificatorExclusion *>(variables->at(i));
if (e != NULL) {
if (except.empty()) {
except = except + name;
except = except + *variables->at(i)->m_fullName.get();
} else {
except = except + "|" + name;
except = except + "|" + *variables->at(i)->m_fullName.get();
}
continue;
}
if (i == 0) {
ret = ret + name;
ret = ret + *variables->at(i)->m_fullName.get();
} else {
ret = ret + "|" + name;
ret = ret + "|" + *variables->at(i)->m_fullName.get();
}
}

49
src/variables/variable.h
View File

@ -22,6 +22,7 @@
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rules.h"
#include "src/utils/string.h"
#include "src/utils/regex.h"
@ -357,6 +358,23 @@ class Variable {
vv = t->m_variableUrlEncodedError.resolveFirst();
} else if (comp(variable, "USERID")) {
vv = t->m_variableUserID.resolveFirst();
} else if (comp(variable, "TX")) {
vv = t->m_collections.m_tx_collection->resolveFirst("");
} else if (comp(variable, "RESOURCE")) {
vv = t->m_collections.m_resource_collection->resolveFirst("",
t->m_collections.m_resource_collection_key, t->m_rules->m_secWebAppId.m_value);
} else if (comp(variable, "USER")) {
vv = t->m_collections.m_user_collection->resolveFirst("",
t->m_collections.m_user_collection_key, t->m_rules->m_secWebAppId.m_value);
} else if (comp(variable, "SESSION")) {
vv = t->m_collections.m_session_collection->resolveFirst("",
t->m_collections.m_session_collection_key, t->m_rules->m_secWebAppId.m_value);
} else if (comp(variable, "IP")) {
vv = t->m_collections.m_ip_collection->resolveFirst("",
t->m_collections.m_ip_collection_key, t->m_rules->m_secWebAppId.m_value);
} else if (comp(variable, "GLOBAL")) {
vv = t->m_collections.m_global_collection->resolveFirst("",
t->m_collections.m_global_collection_key, t->m_rules->m_secWebAppId.m_value);
} else {
throw std::invalid_argument("Variable not found.");
}
@ -410,15 +428,36 @@ class Variable {
vv = t->m_variableRequestCookiesNames.resolveFirst(var);
} else if (comp(col, "FILES_TMPNAMES")) {
vv = t->m_variableFilesTmpNames.resolveFirst(var);
} else if (comp(col, "TX")) {
vv = t->m_collections.m_tx_collection->resolveFirst(var);
} else if (comp(col, "RESOURCE")) {
vv = t->m_collections.m_resource_collection->resolveFirst(var,
t->m_collections.m_resource_collection_key, t->m_rules->m_secWebAppId.m_value);
} else if (comp(col, "USER")) {
vv = t->m_collections.m_user_collection->resolveFirst(var,
t->m_collections.m_user_collection_key, t->m_rules->m_secWebAppId.m_value);
} else if (comp(col, "SESSION")) {
vv = t->m_collections.m_session_collection->resolveFirst(var,
t->m_collections.m_session_collection_key, t->m_rules->m_secWebAppId.m_value);
} else if (comp(col, "IP")) {
vv = t->m_collections.m_ip_collection->resolveFirst(var,
t->m_collections.m_ip_collection_key, t->m_rules->m_secWebAppId.m_value);
} else if (comp(col, "GLOBAL")) {
vv = t->m_collections.m_global_collection->resolveFirst(var,
t->m_collections.m_global_collection_key, t->m_rules->m_secWebAppId.m_value);
} else {
throw std::invalid_argument("Variable not found.");
}
}
if (vv == nullptr) {
return std::string("");
}
return std::string(*vv.get());
}
std::string m_name;
std::string m_collectionName;
std::shared_ptr<std::string> m_fullName;
VariableType m_type;
VariableKind m_kind;
@ -430,7 +469,7 @@ class Variable {
class VariableModificatorExclusion : public Variable {
public:
explicit VariableModificatorExclusion(std::unique_ptr<Variable> var)
: Variable(var->m_name),
: Variable(*var->m_fullName.get()),
m_var(std::move(var)) {
m_isExclusion = true;
}
@ -448,7 +487,7 @@ class VariableModificatorExclusion : public Variable {
class VariableModificatorCount : public Variable {
public:
explicit VariableModificatorCount(std::unique_ptr<Variable> var)
: Variable(var->m_name),
: Variable(*var->m_fullName.get()),
m_var(std::move(var)) {
m_isCount = true;
}
@ -463,15 +502,13 @@ class VariableModificatorCount : public Variable {
m_var->evaluate(t, rule, &reslIn);
for (const collection::Variable *a : reslIn) {
count++;
delete a;
delete a;
a = NULL;
}
reslIn.clear();
std::string *res = new std::string(std::to_string(count));
std::string *name = new std::string(m_name);
val = new collection::Variable(name, res);
delete name;
val = new collection::Variable(m_var->m_fullName, res);
delete res;
l->push_back(val);

5
src/variables/xml.cc
View File

@ -56,13 +56,14 @@ void XML::evaluate(Transaction *t,
size_t pos;
param = m_name;
/*
pos = m_name.find_first_of(":");
if (pos == std::string::npos) {
param = "";
} else {
param = std::string(m_name, pos+1, m_name.length() - (pos + 1));
}
*/
/* Is there an XML document tree at all? */
if (t->m_xml->m_data.doc == NULL) {
/* Sorry, we've got nothing to give! */
@ -126,7 +127,7 @@ void XML::evaluate(Transaction *t,
xmlNodeGetContent(nodes->nodeTab[i]));
if (content != NULL) {
std::string *a = new std::string(content);
collection::Variable *var = new collection::Variable(&m_name,
collection::Variable *var = new collection::Variable(m_fullName,
a);
delete a;
l->push_back(var);

4
test/test-cases/regression/collection-resource.json
View File

@ -40,7 +40,7 @@
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"123\" \\(Variable: whee::::RESOURCE:test\\)",
"debug_log":"Target value: \"123\" \\(Variable: RESOURCE:whee::::test\\)",
"error_log":""
},
"rules":[
@ -92,7 +92,7 @@
},
"expected":{
"audit_log":"",
"debug_log":"whee::webappid::RESOURCE:test",
"debug_log":"RESOURCE:whee::webappid::test",
"error_log":""
},
"rules":[