github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 03:34:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Using shared var for variables names

Browse Source
This commit is contained in:
Felipe Zimmerle
2018-02-02 15:41:13 -03:00
parent 6f7fdd9493
commit de7c5c89bb
21 changed files with 183 additions and 187 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/variables/env.cc
View File

@@ -43,16 +43,15 @@ void Env::evaluate(Transaction *transaction,
}
std::string key = std::string(env, 0, pos);
std::string value = std::string(env, pos+1, env.length() - (pos + 1));
std::pair<std::string, std::string> a("ENV:" + key, value);
std::pair<std::string, std::string> a(key, value);
transaction->m_variableEnvs.insert(a);
}
for (auto& x : transaction->m_variableEnvs) {
if ((x.first.substr(0, m_name.size() + 1).compare(m_name + ":") != 0)
&& (x.first != m_name)) {
if (x.first != m_name && m_name.length() > 0) {
continue;
}
l->push_back(new collection::Variable(&x.first, &x.second));
l->push_back(new collection::Variable(&m_collectionName, &x.first, &x.second));
}
}

8
src/variables/global.h
View File

@@ -35,7 +35,7 @@ class Global_DictElement : public Variable {
public:
explicit Global_DictElement(std::string dictElement)
: Variable("GLOBAL"),
m_dictElement("GLOBAL:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@@ -67,7 +67,7 @@ class Global_DictElementRegexp : public Variable {
explicit Global_DictElementRegexp(std::string dictElement)
: Variable("GLOBAL:regex(" + dictElement + ")"),
m_r(dictElement),
m_dictElement("GLOBAL:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@@ -92,7 +92,7 @@ class Global_DynamicElement : public Variable {
std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(t);
t->m_collections.m_global_collection->resolveMultiMatches(
"GLOBAL:" + string, t->m_collections.m_global_collection_key, l);
string, t->m_collections.m_global_collection_key, l);
}
@@ -104,7 +104,7 @@ class Global_DynamicElement : public Variable {
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_global_collection->storeOrUpdateFirst(
"GLOBAL:" + var, t->m_collections.m_global_collection_key, value);
var, t->m_collections.m_global_collection_key, value);
}
std::unique_ptr<RunTimeString> m_string;

2
src/variables/highest_severity.cc
View File

@@ -31,7 +31,7 @@ void HighestSeverity::evaluate(Transaction *transaction,
std::vector<const collection::Variable *> *l) {
transaction->m_variableHighestSeverityAction.assign(
std::to_string(transaction->m_highestSeverityAction));
l->push_back(new collection::Variable(&m_retName,
l->push_back(new collection::Variable(m_fullName,
&transaction->m_variableHighestSeverityAction));
}

2
src/variables/ip.h
View File

@@ -104,7 +104,7 @@ class Ip_DynamicElement : public Variable {
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_ip_collection->storeOrUpdateFirst(
"IP:" + var, t->m_collections.m_ip_collection_key, value);
var, t->m_collections.m_ip_collection_key, value);
}
std::unique_ptr<RunTimeString> m_string;

8
src/variables/resource.h
View File

@@ -35,7 +35,7 @@ class Resource_DictElement : public Variable {
public:
explicit Resource_DictElement(std::string dictElement)
: Variable("RESOURCE:" + dictElement),
m_dictElement("RESOURCE:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@@ -69,7 +69,7 @@ class Resource_DictElementRegexp : public Variable {
explicit Resource_DictElementRegexp(std::string dictElement)
: Variable("RESOURCE:regex(" + dictElement + ")"),
m_r(dictElement),
m_dictElement("RESOURCE:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@@ -95,7 +95,7 @@ class Resource_DynamicElement : public Variable {
std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(t);
t->m_collections.m_resource_collection->resolveMultiMatches(
"RESOURCE:" + string,
string,
t->m_collections.m_resource_collection_key,
t->m_rules->m_secWebAppId.m_value, l);
}
@@ -108,7 +108,7 @@ class Resource_DynamicElement : public Variable {
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_resource_collection->storeOrUpdateFirst(
"RESOURCE:" + var,
var,
t->m_collections.m_resource_collection_key,
t->m_rules->m_secWebAppId.m_value, value);
}

10
src/variables/session.h
View File

@@ -35,7 +35,7 @@ class Session_DictElement : public Variable {
public:
explicit Session_DictElement(std::string dictElement)
: Variable("SESSION"),
m_dictElement("SESSION:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@@ -67,9 +67,9 @@ class Session_NoDictElement : public Variable {
class Session_DictElementRegexp : public Variable {
public:
explicit Session_DictElementRegexp(std::string dictElement)
: Variable("SESSION"),
: Variable("SESSION:regex(" + dictElement + ")"),
m_r(dictElement),
m_dictElement("SESSION:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@@ -95,7 +95,7 @@ class Session_DynamicElement : public Variable {
std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(t);
t->m_collections.m_session_collection->resolveMultiMatches(
"SESSION:" + string,
string,
t->m_collections.m_session_collection_key, l);
}
@@ -107,7 +107,7 @@ class Session_DynamicElement : public Variable {
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_session_collection->storeOrUpdateFirst(
"SESSION:" + var, t->m_collections.m_session_collection_key,
var, t->m_collections.m_session_collection_key,
value);
}

14
src/variables/tx.h
View File

@@ -35,7 +35,7 @@ class Tx_DictElement : public Variable {
public:
explicit Tx_DictElement(std::string dictElement)
: Variable("TX:" + dictElement),
m_dictElement("TX:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@@ -56,7 +56,7 @@ class Tx_NoDictElement : public Variable {
void evaluate(Transaction *t,
Rule *rule,
std::vector<const collection::Variable *> *l) override {
t->m_collections.m_tx_collection->resolveMultiMatches(m_name, l);
t->m_collections.m_tx_collection->resolveMultiMatches("", l);
}
};
@@ -64,9 +64,9 @@ class Tx_NoDictElement : public Variable {
class Tx_DictElementRegexp : public Variable {
public:
explicit Tx_DictElementRegexp(std::string dictElement)
: Variable("TX"),
: Variable("TX:regex(" + dictElement + ")"),
m_r(dictElement),
m_dictElement("TX:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@@ -90,8 +90,7 @@ class Tx_DynamicElement : public Variable {
Rule *rule,
std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(t);
t->m_collections.m_tx_collection->resolveMultiMatches(
"TX:" + string, l);
t->m_collections.m_tx_collection->resolveMultiMatches(string, l);
}
void del(Transaction *t, std::string k) {
@@ -100,8 +99,7 @@ class Tx_DynamicElement : public Variable {
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_tx_collection->storeOrUpdateFirst(
"TX:" + var, value);
t->m_collections.m_tx_collection->storeOrUpdateFirst(var, value);
}
std::unique_ptr<RunTimeString> m_string;

10
src/variables/user.h
View File

@@ -35,7 +35,7 @@ class User_DictElement : public Variable {
public:
explicit User_DictElement(std::string dictElement)
: Variable("USER"),
m_dictElement("USER:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@@ -67,9 +67,9 @@ class User_NoDictElement : public Variable {
class User_DictElementRegexp : public Variable {
public:
explicit User_DictElementRegexp(std::string dictElement)
: Variable("USER"),
: Variable("USER:regex(" + dictElement + ")"),
m_r(dictElement),
m_dictElement("USER:" + dictElement) { }
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
Rule *rule,
@@ -95,7 +95,7 @@ class User_DynamicElement : public Variable {
std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(t);
t->m_collections.m_user_collection->resolveMultiMatches(
"USER:" + string, t->m_collections.m_user_collection_key, l);
string, t->m_collections.m_user_collection_key, l);
}
void del(Transaction *t, std::string k) {
@@ -106,7 +106,7 @@ class User_DynamicElement : public Variable {
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_user_collection->storeOrUpdateFirst(
"USER:" + var, t->m_collections.m_user_collection_key,
var, t->m_collections.m_user_collection_key,
value);
}

100
src/variables/variable.cc
View File

@@ -33,47 +33,18 @@ Variable::Variable(std::string name)
m_collectionName(""),
m_isExclusion(false),
m_isCount(false) {
if (m_name.find(":") != std::string::npos) {
std::string col = utils::string::toupper(
std::string(m_name, 0, m_name.find(":")));
std::string name = std::string(m_name, m_name.find(":") + 1,
m_name.size());
if (col == "TX" || col == "IP" || col == "GLOBAL"
|| col == "RESOURCE" || col == "SESSION" || col == "USER") {
m_collectionName = col;
}
if ((name.at(0) == '\\') || (name.at(0) == '/')) {
m_type = RegularExpression;
} else {
m_type = SingleMatch;
}
} else {
m_type = MultipleMatches;
size_t a = m_name.find(":");
if (a == std::string::npos) {
a = m_name.find(".");
}
if (utils::string::tolower(m_name) == "tx") {
m_collectionName = "TX";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "ip") {
m_collectionName = "IP";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "global") {
m_collectionName = "GLOBAL";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "resource") {
m_collectionName = "RESOURCE";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "session") {
m_collectionName = "SESSION";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "user") {
m_collectionName = "USER";
m_type = MultipleMatches;
} else if (m_name.find(".") != std::string::npos) {
m_kind = CollectionVarible;
m_collectionName = std::string(m_name, 0, m_name.find("."));
if (a != std::string::npos) {
m_collectionName = utils::string::toupper(std::string(m_name, 0, a));
m_name = std::string(m_name, a + 1, m_name.size());
m_fullName = std::make_shared<std::string>(m_collectionName + ":" + m_name);
} else {
m_kind = DirectVariable;
m_fullName = std::make_shared<std::string>(m_name);
m_collectionName = m_name;
m_name = "";
}
}
@@ -84,42 +55,18 @@ Variable::Variable(std::string name, VariableKind kind)
m_kind(kind),
m_isExclusion(false),
m_isCount(false) {
if (m_name.find(":") != std::string::npos) {
std::string col = utils::string::toupper(
std::string(m_name, 0, m_name.find(":")));
std::string name = std::string(m_name, m_name.find(":") + 1,
m_name.size());
if (col == "TX" || col == "IP" || col == "GLOBAL"
|| col == "RESOURCE" || col == "SESSION") {
m_collectionName = col;
}
if ((name.at(0) == '\\') || (name.at(0) == '/')) {
m_type = RegularExpression;
} else {
m_type = SingleMatch;
}
size_t a = m_name.find(":");
if (a == std::string::npos) {
a = m_name.find(".");
}
if (a != std::string::npos) {
m_collectionName = utils::string::toupper(std::string(m_name, 0, a));
m_name = std::string(m_name, a + 1, m_name.size());
m_fullName = std::make_shared<std::string>(m_collectionName + ":" + m_name);
} else {
m_type = MultipleMatches;
m_fullName = std::make_shared<std::string>(m_name);
}
if (utils::string::tolower(m_name) == "tx") {
m_collectionName = "TX";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "ip") {
m_collectionName = "IP";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "global") {
m_collectionName = "GLOBAL";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "resource") {
m_collectionName = "RESOURCE";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "session") {
m_collectionName = "SESSION";
m_type = MultipleMatches;
} else if (m_name.find(".") != std::string::npos) {
m_collectionName = std::string(m_name, 0, m_name.find("."));
}
}
@@ -128,22 +75,21 @@ std::string Variable::to_s(
std::string ret;
std::string except("");
for (int i = 0; i < variables->size() ; i++) {
std::string name = variables->at(i)->m_name;
VariableModificatorExclusion *e =
dynamic_cast<VariableModificatorExclusion *>(variables->at(i));
if (e != NULL) {
if (except.empty()) {
except = except + name;
except = except + *variables->at(i)->m_fullName.get();
} else {
except = except + "|" + name;
except = except + "|" + *variables->at(i)->m_fullName.get();
}
continue;
}
if (i == 0) {
ret = ret + name;
ret = ret + *variables->at(i)->m_fullName.get();
} else {
ret = ret + "|" + name;
ret = ret + "|" + *variables->at(i)->m_fullName.get();
}
}

49
src/variables/variable.h
View File

@@ -22,6 +22,7 @@
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rules.h"
#include "src/utils/string.h"
#include "src/utils/regex.h"
@@ -357,6 +358,23 @@ class Variable {
vv = t->m_variableUrlEncodedError.resolveFirst();
} else if (comp(variable, "USERID")) {
vv = t->m_variableUserID.resolveFirst();
} else if (comp(variable, "TX")) {
vv = t->m_collections.m_tx_collection->resolveFirst("");
} else if (comp(variable, "RESOURCE")) {
vv = t->m_collections.m_resource_collection->resolveFirst("",
t->m_collections.m_resource_collection_key, t->m_rules->m_secWebAppId.m_value);
} else if (comp(variable, "USER")) {
vv = t->m_collections.m_user_collection->resolveFirst("",
t->m_collections.m_user_collection_key, t->m_rules->m_secWebAppId.m_value);
} else if (comp(variable, "SESSION")) {
vv = t->m_collections.m_session_collection->resolveFirst("",
t->m_collections.m_session_collection_key, t->m_rules->m_secWebAppId.m_value);
} else if (comp(variable, "IP")) {
vv = t->m_collections.m_ip_collection->resolveFirst("",
t->m_collections.m_ip_collection_key, t->m_rules->m_secWebAppId.m_value);
} else if (comp(variable, "GLOBAL")) {
vv = t->m_collections.m_global_collection->resolveFirst("",
t->m_collections.m_global_collection_key, t->m_rules->m_secWebAppId.m_value);
} else {
throw std::invalid_argument("Variable not found.");
}
@@ -410,15 +428,36 @@ class Variable {
vv = t->m_variableRequestCookiesNames.resolveFirst(var);
} else if (comp(col, "FILES_TMPNAMES")) {
vv = t->m_variableFilesTmpNames.resolveFirst(var);
} else if (comp(col, "TX")) {
vv = t->m_collections.m_tx_collection->resolveFirst(var);
} else if (comp(col, "RESOURCE")) {
vv = t->m_collections.m_resource_collection->resolveFirst(var,
t->m_collections.m_resource_collection_key, t->m_rules->m_secWebAppId.m_value);
} else if (comp(col, "USER")) {
vv = t->m_collections.m_user_collection->resolveFirst(var,
t->m_collections.m_user_collection_key, t->m_rules->m_secWebAppId.m_value);
} else if (comp(col, "SESSION")) {
vv = t->m_collections.m_session_collection->resolveFirst(var,
t->m_collections.m_session_collection_key, t->m_rules->m_secWebAppId.m_value);
} else if (comp(col, "IP")) {
vv = t->m_collections.m_ip_collection->resolveFirst(var,
t->m_collections.m_ip_collection_key, t->m_rules->m_secWebAppId.m_value);
} else if (comp(col, "GLOBAL")) {
vv = t->m_collections.m_global_collection->resolveFirst(var,
t->m_collections.m_global_collection_key, t->m_rules->m_secWebAppId.m_value);
} else {
throw std::invalid_argument("Variable not found.");
}
}
if (vv == nullptr) {
return std::string("");
}
return std::string(*vv.get());
}
std::string m_name;
std::string m_collectionName;
std::shared_ptr<std::string> m_fullName;
VariableType m_type;
VariableKind m_kind;
@@ -430,7 +469,7 @@ class Variable {
class VariableModificatorExclusion : public Variable {
public:
explicit VariableModificatorExclusion(std::unique_ptr<Variable> var)
: Variable(var->m_name),
: Variable(*var->m_fullName.get()),
m_var(std::move(var)) {
m_isExclusion = true;
}
@@ -448,7 +487,7 @@ class VariableModificatorExclusion : public Variable {
class VariableModificatorCount : public Variable {
public:
explicit VariableModificatorCount(std::unique_ptr<Variable> var)
: Variable(var->m_name),
: Variable(*var->m_fullName.get()),
m_var(std::move(var)) {
m_isCount = true;
}
@@ -463,15 +502,13 @@ class VariableModificatorCount : public Variable {
m_var->evaluate(t, rule, &reslIn);
for (const collection::Variable *a : reslIn) {
count++;
delete a;
delete a;
a = NULL;
}
reslIn.clear();
std::string *res = new std::string(std::to_string(count));
std::string *name = new std::string(m_name);
val = new collection::Variable(name, res);
delete name;
val = new collection::Variable(m_var->m_fullName, res);
delete res;
l->push_back(val);

5
src/variables/xml.cc
View File

@@ -56,13 +56,14 @@ void XML::evaluate(Transaction *t,
size_t pos;
param = m_name;
/*
pos = m_name.find_first_of(":");
if (pos == std::string::npos) {
param = "";
} else {
param = std::string(m_name, pos+1, m_name.length() - (pos + 1));
}
*/
/* Is there an XML document tree at all? */
if (t->m_xml->m_data.doc == NULL) {
/* Sorry, we've got nothing to give! */
@@ -126,7 +127,7 @@ void XML::evaluate(Transaction *t,
xmlNodeGetContent(nodes->nodeTab[i]));
if (content != NULL) {
std::string *a = new std::string(content);
collection::Variable *var = new collection::Variable(&m_name,
collection::Variable *var = new collection::Variable(m_fullName,
a);
delete a;
l->push_back(var);