github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds support to m_highlightJSON in RuleMessage class

Browse Source 
This variable helds a JSON with information regarding all matches.
Only filled when IncludeFullHighlightLog property is set.
This commit is contained in:
Felipe Zimmerle 2018-07-20 13:58:51 -03:00
parent 1b27c6ccae
commit e84fb9d00f
6 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
examples/reading_logs_via_rule_message/reading_logs_via_rule_message.h
View File

@ -237,6 +237,10 @@ end:
modsecurity::RuleMessage::computeHighlight(ruleMessage, modsecurity::RuleMessage::computeHighlight(ruleMessage,
ruleMessage->m_buf); ruleMessage->m_buf);
highlightToText(h); highlightToText(h);
std::cout << "Highlight JSON:" << std::endl;
std::cout << ruleMessage->m_highlightJSON << std::endl;
std::cout << "Request:" << std::endl;
std::cout << ruleMessage->m_buf;
std::cout << std::endl; std::cout << std::endl;
} }

2
headers/modsecurity/modsecurity.h
View File

@ -262,7 +262,7 @@ extern "C" {
* Notice that the highlight can be calculate post-analisys. Calculate it * Notice that the highlight can be calculate post-analisys. Calculate it
* during the analisys may delay the analisys process. * during the analisys may delay the analisys process.
* *
*/ */
IncludeFullHighlightLogProperty = 4, IncludeFullHighlightLogProperty = 4,
}; };

1
headers/modsecurity/rule_message.h
View File

@ -151,6 +151,7 @@ class RuleMessage {
std::list<std::string> m_tags; std::list<std::string> m_tags;
RuleMessageHighlight m_highlight; RuleMessageHighlight m_highlight;
std::string m_highlightJSON;
}; };

2
modsecurity.conf-recommended
View File

@ -174,7 +174,7 @@ SecDataDir /tmp/
# trigger a server error (determined by a 5xx or 4xx, excluding 404, # trigger a server error (determined by a 5xx or 4xx, excluding 404,
# level response status codes). # level response status codes).
# #
SecAuditEngine RelevantOnly SecAuditEngine Off
SecAuditLogRelevantStatus "^(?:5|4(?!04))" SecAuditLogRelevantStatus "^(?:5|4(?!04))"
# Log everything we know about a transaction. # Log everything we know about a transaction.

2
src/modsecurity.cc
View File

@ -206,6 +206,8 @@ void ModSecurity::serverLog(void *data, std::shared_ptr<RuleMessage> rm) {
if (m_logProperties & RuleMessageLogProperty) { if (m_logProperties & RuleMessageLogProperty) {
const void *a = static_cast<const void *>(rm.get()); const void *a = static_cast<const void *>(rm.get());
if (m_logProperties & IncludeFullHighlightLogProperty) { if (m_logProperties & IncludeFullHighlightLogProperty) {
processContentOffset(rm->m_buf.c_str(), rm->m_buf.size(),
rm->m_reference.c_str(), &rm->m_highlightJSON, NULL);
m_logCb(data, a); m_logCb(data, a);
return; return;
} }

5
src/rule_message.cc
View File

@ -93,7 +93,10 @@ std::string RuleMessage::log(const RuleMessage *rm, int props, int code) {
return modsecurity::utils::string::toHexIfNeeded(msg); return modsecurity::utils::string::toHexIfNeeded(msg);
} }
/*
* Depricated. Do not use. Should be removed before merge.
*
*/
RuleMessageHighlight RuleMessage::computeHighlight(const RuleMessage *rm, RuleMessageHighlight RuleMessage::computeHighlight(const RuleMessage *rm,
const std::string buf) { const std::string buf) {
RuleMessageHighlight ret; RuleMessageHighlight ret;