mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-09-29 19:24:29 +03:00
Expands log_cb to share ruleMessage structure instead text
Text version still available and it is the default options
This commit is contained in:
Felipe Zimmerle
@@ -25,7 +25,7 @@ namespace operators {
|
||||
|
||||
|
||||
bool BeginsWith::evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &str, RuleMessage *ruleMessage) {
|
||||
const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) {
|
||||
bool ret = false;
|
||||
|
||||
std::string p = MacroExpansion::expand(m_param, transaction);
|
||||
|
||||
@@ -17,6 +17,7 @@
|
||||
#define SRC_OPERATORS_BEGINS_WITH_H_
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "src/operators/operator.h"
|
||||
|
||||
@@ -33,7 +34,7 @@ class BeginsWith : public Operator {
|
||||
: Operator("BeginsWith", param) { }
|
||||
|
||||
bool evaluate(Transaction *transaction, Rule *rule, const std::string &str,
|
||||
RuleMessage *ruleMessage) override;
|
||||
std::shared_ptr<RuleMessage> ruleMessage) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -23,7 +23,7 @@ namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool Contains::evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &input, RuleMessage *ruleMessage) {
|
||||
const std::string &input, std::shared_ptr<RuleMessage> ruleMessage) {
|
||||
std::string p = MacroExpansion::expand(m_param, transaction);
|
||||
size_t offset = input.find(p);
|
||||
|
||||
|
||||
@@ -18,6 +18,7 @@
|
||||
|
||||
#include <string>
|
||||
#include <list>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
@@ -35,7 +36,8 @@ class Contains : public Operator {
|
||||
explicit Contains(std::string param)
|
||||
: Operator("Contains", param) { }
|
||||
bool evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &str, RuleMessage *ruleMessage) override;
|
||||
const std::string &str,
|
||||
std::shared_ptr<RuleMessage> ruleMessage) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -38,7 +38,7 @@ bool ContainsWord::acceptableChar(const std::string& a, size_t pos) {
|
||||
}
|
||||
|
||||
bool ContainsWord::evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &input, RuleMessage *ruleMessage) {
|
||||
const std::string &input, std::shared_ptr<RuleMessage> ruleMessage) {
|
||||
std::string paramTarget = MacroExpansion::expand(m_param, transaction);
|
||||
|
||||
if (paramTarget.empty()) {
|
||||
|
||||
@@ -17,6 +17,7 @@
|
||||
#define SRC_OPERATORS_CONTAINS_WORD_H_
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "src/operators/operator.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
@@ -32,7 +33,8 @@ class ContainsWord : public Operator {
|
||||
explicit ContainsWord(std::string param)
|
||||
: Operator("ContainsWord", param) { }
|
||||
bool evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &str, RuleMessage *ruleMessage) override;
|
||||
const std::string &str,
|
||||
std::shared_ptr<RuleMessage> ruleMessage) override;
|
||||
|
||||
bool acceptableChar(const std::string& a, size_t pos);
|
||||
};
|
||||
|
||||
@@ -25,7 +25,7 @@ namespace operators {
|
||||
|
||||
|
||||
bool EndsWith::evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &input, RuleMessage *ruleMessage) {
|
||||
const std::string &input, std::shared_ptr<RuleMessage> ruleMessage) {
|
||||
bool ret = false;
|
||||
std::string p = MacroExpansion::expand(m_param, transaction);
|
||||
|
||||
|
||||
@@ -17,6 +17,7 @@
|
||||
#define SRC_OPERATORS_ENDS_WITH_H_
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "src/operators/operator.h"
|
||||
|
||||
@@ -32,7 +33,8 @@ class EndsWith : public Operator {
|
||||
explicit EndsWith(std::string param)
|
||||
: Operator("EndsWith", param) { }
|
||||
bool evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &str, RuleMessage *ruleMessage) override;
|
||||
const std::string &str,
|
||||
std::shared_ptr<RuleMessage> ruleMessage) override;
|
||||
};
|
||||
|
||||
|
||||
|
||||
@@ -16,7 +16,7 @@
|
||||
#include "src/operators/operator.h"
|
||||
|
||||
#include <cstring>
|
||||
|
||||
#include <memory>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
@@ -76,7 +76,7 @@ bool Operator::debug(Transaction *transaction, int x, std::string a) {
|
||||
}
|
||||
|
||||
bool Operator::evaluateInternal(Transaction *transaction,
|
||||
Rule *rule, const std::string& a, RuleMessage *rm) {
|
||||
Rule *rule, const std::string& a, std::shared_ptr<RuleMessage> rm) {
|
||||
bool res = evaluate(transaction, rule, a, rm);
|
||||
|
||||
if (m_negation) {
|
||||
|
||||
@@ -14,6 +14,7 @@
|
||||
*/
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#ifndef SRC_OPERATORS_OPERATOR_H__
|
||||
#define SRC_OPERATORS_OPERATOR_H__
|
||||
@@ -63,7 +64,7 @@ class Operator {
|
||||
bool evaluateInternal(Transaction *t, Rule *rule,
|
||||
const std::string& a);
|
||||
bool evaluateInternal(Transaction *t, Rule *rule,
|
||||
const std::string& a, RuleMessage *ruleMessage);
|
||||
const std::string& a, std::shared_ptr<RuleMessage> ruleMessage);
|
||||
|
||||
|
||||
virtual bool evaluate(Transaction *transaction, const std::string &str);
|
||||
@@ -72,11 +73,12 @@ class Operator {
|
||||
return evaluate(transaction, str);
|
||||
}
|
||||
virtual bool evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &str, RuleMessage *ruleMessage) {
|
||||
const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) {
|
||||
return evaluate(transaction, str);
|
||||
}
|
||||
|
||||
static void logOffset(RuleMessage *ruleMessage, int offset, int len) {
|
||||
static void logOffset(std::shared_ptr<RuleMessage> ruleMessage,
|
||||
int offset, int len) {
|
||||
if (ruleMessage) {
|
||||
ruleMessage->m_reference.append("o"
|
||||
+ std::to_string(offset) + ","
|
||||
|
||||
@@ -23,6 +23,7 @@
|
||||
#include <sstream>
|
||||
#include <vector>
|
||||
#include <list>
|
||||
#include <memory>
|
||||
|
||||
#include "src/operators/operator.h"
|
||||
#include "src/utils/acmp.h"
|
||||
@@ -79,7 +80,7 @@ void Pm::postOrderTraversal(acmp_btree_node_t *node) {
|
||||
|
||||
|
||||
bool Pm::evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &input, RuleMessage *ruleMessage) {
|
||||
const std::string &input, std::shared_ptr<RuleMessage> ruleMessage) {
|
||||
int rc = 0;
|
||||
ACMPT pt;
|
||||
pt.parser = m_p;
|
||||
|
||||
@@ -18,6 +18,7 @@
|
||||
|
||||
#include <string>
|
||||
#include <list>
|
||||
#include <memory>
|
||||
|
||||
#include "src/operators/operator.h"
|
||||
#include "src/utils/acmp.h"
|
||||
@@ -44,7 +45,8 @@ class Pm : public Operator {
|
||||
}
|
||||
~Pm();
|
||||
bool evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &str, RuleMessage *ruleMessage) override;
|
||||
const std::string &str,
|
||||
std::shared_ptr<RuleMessage> ruleMessage) override;
|
||||
|
||||
|
||||
bool init(const std::string &file, std::string *error) override;
|
||||
|
||||
@@ -17,6 +17,7 @@
|
||||
|
||||
#include <string>
|
||||
#include <list>
|
||||
#include <memory>
|
||||
|
||||
#include "src/operators/operator.h"
|
||||
#include "src/macro_expansion.h"
|
||||
@@ -29,7 +30,7 @@ namespace operators {
|
||||
|
||||
|
||||
bool Rx::evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string& input, RuleMessage *ruleMessage) {
|
||||
const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
|
||||
SMatch match;
|
||||
std::list<SMatch> matches;
|
||||
|
||||
|
||||
@@ -18,6 +18,7 @@
|
||||
|
||||
#include <string>
|
||||
#include <list>
|
||||
#include <memory>
|
||||
|
||||
#include "src/operators/operator.h"
|
||||
#include "src/utils/regex.h"
|
||||
@@ -59,7 +60,8 @@ class Rx : public Operator {
|
||||
return evaluate(transaction, NULL, input);
|
||||
}
|
||||
bool evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string& input, RuleMessage *ruleMessage) override;
|
||||
const std::string& input,
|
||||
std::shared_ptr<RuleMessage> ruleMessage) override;
|
||||
|
||||
private:
|
||||
Regex *m_re;
|
||||
|
||||
@@ -16,6 +16,7 @@
|
||||
#include "src/operators/validate_byte_range.h"
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "src/operators/operator.h"
|
||||
|
||||
@@ -110,7 +111,7 @@ bool ValidateByteRange::init(const std::string &file,
|
||||
|
||||
|
||||
bool ValidateByteRange::evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &input, RuleMessage *ruleMessage) {
|
||||
const std::string &input, std::shared_ptr<RuleMessage> ruleMessage) {
|
||||
bool ret = true;
|
||||
|
||||
size_t count = 0;
|
||||
|
||||
@@ -19,6 +19,7 @@
|
||||
#include <string>
|
||||
#include <vector>
|
||||
#include <cstring>
|
||||
#include <memory>
|
||||
|
||||
#include "src/operators/operator.h"
|
||||
|
||||
@@ -40,7 +41,8 @@ class ValidateByteRange : public Operator {
|
||||
~ValidateByteRange() override { }
|
||||
|
||||
bool evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &input, RuleMessage *ruleMessage) override;
|
||||
const std::string &input,
|
||||
std::shared_ptr<RuleMessage> ruleMessage) override;
|
||||
bool getRange(const std::string &rangeRepresentation, std::string *error);
|
||||
bool init(const std::string& file, std::string *error) override;
|
||||
private:
|
||||
|
||||
@@ -69,7 +69,7 @@ int ValidateUrlEncoding::validate_url_encoding(const char *input,
|
||||
|
||||
|
||||
bool ValidateUrlEncoding::evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &input, RuleMessage *ruleMessage) {
|
||||
const std::string &input, std::shared_ptr<RuleMessage> ruleMessage) {
|
||||
size_t offset = 0;
|
||||
bool res = false;
|
||||
|
||||
|
||||
@@ -17,6 +17,7 @@
|
||||
#define SRC_OPERATORS_VALIDATE_URL_ENCODING_H_
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "src/operators/operator.h"
|
||||
|
||||
@@ -33,7 +34,8 @@ class ValidateUrlEncoding : public Operator {
|
||||
: Operator("ValidateUrlEncoding") { }
|
||||
|
||||
bool evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &input, RuleMessage *ruleMessage) override;
|
||||
const std::string &input,
|
||||
std::shared_ptr<RuleMessage> ruleMessage) override;
|
||||
int validate_url_encoding(const char *input, uint64_t input_length,
|
||||
size_t *offset);
|
||||
};
|
||||
|
||||
@@ -114,7 +114,7 @@ int ValidateUtf8Encoding::detect_utf8_character(
|
||||
}
|
||||
|
||||
bool ValidateUtf8Encoding::evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &str, RuleMessage *ruleMessage) {
|
||||
const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) {
|
||||
unsigned int i, bytes_left;
|
||||
|
||||
const char *str_c = str.c_str();
|
||||
|
||||
@@ -17,6 +17,7 @@
|
||||
#define SRC_OPERATORS_VALIDATE_UTF8_ENCODING_H_
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "src/operators/operator.h"
|
||||
|
||||
@@ -40,7 +41,8 @@ class ValidateUtf8Encoding : public Operator {
|
||||
: Operator("ValidateUtf8Encoding") { }
|
||||
|
||||
bool evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &str, RuleMessage *ruleMessage) override;
|
||||
const std::string &str,
|
||||
std::shared_ptr<RuleMessage> ruleMessage) override;
|
||||
|
||||
int detect_utf8_character(const unsigned char *p_read,
|
||||
unsigned int length);
|
||||
|
||||
@@ -25,7 +25,7 @@ namespace operators {
|
||||
|
||||
|
||||
bool Within::evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &str, RuleMessage *ruleMessage) {
|
||||
const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) {
|
||||
bool res = false;
|
||||
std::string paramTarget = MacroExpansion::expand(m_param, transaction);
|
||||
size_t pos = 0;
|
||||
|
||||
@@ -17,6 +17,7 @@
|
||||
#define SRC_OPERATORS_WITHIN_H_
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "src/operators/operator.h"
|
||||
|
||||
@@ -32,7 +33,7 @@ class Within : public Operator {
|
||||
explicit Within(std::string param)
|
||||
: Operator("Within", param) { }
|
||||
bool evaluate(Transaction *transaction, Rule *rule,
|
||||
const std::string &str, RuleMessage *ruleMessage);
|
||||
const std::string &str, std::shared_ptr<RuleMessage> ruleMessage);
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
Reference in New Issue
Block a user