github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix various minor issues on the auditlog schema

Browse Source
This commit is contained in:
Felipe Zimmerle 2015-08-27 17:50:42 -03:00
parent 24b7d72666
commit e89e395a32
5 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
examples/simple_example_using_c/test.c
View File

@ -65,6 +65,7 @@ int main (int argc, char **argv)
msc_process_request_body(assay);
msc_process_response_headers(assay);
msc_process_response_body(assay);
msc_process_logging(assay, 200);
end:
msc_rules_cleanup(rules);
msc_cleanup(modsec);

2
src/audit_log.cc
View File

@ -44,7 +44,7 @@ AuditLog::AuditLog()
m_writer(NULL),
m_relevant(""),
filePermission(0600),
directoryPermission(0600),
directoryPermission(0766),
m_refereceCount(0) { }
AuditLog::~AuditLog() {

6
src/parser/seclang-parser.yy
View File

@ -17,6 +17,7 @@ class Driver;
}
#include "actions/action.h"
#include "actions/audit_log.h"
#include "actions/set_var.h"
#include "actions/severity.h"
#include "actions/msg.h"
@ -201,6 +202,7 @@ using ModSecurity::Variables::Variable;
%token <std::string> OPERATOR
%token <std::string> FREE_TEXT
%token <std::string> ACTION
%token <std::string> ACTION_AUDIT_LOG
%token <std::string> ACTION_SEVERITY
%token <std::string> ACTION_SETVAR
%token <std::string> ACTION_MSG
@ -619,6 +621,10 @@ act:
$$ = setVar;
}
| ACTION_AUDIT_LOG
{
$$ = new ModSecurity::actions::AuditLog($1);
}
| LOG_DATA
{
$$ = new LogData($1);

6
src/parser/seclang-scanner.ll
View File

@ -23,7 +23,8 @@ using ModSecurity::split;
%}
%option noyywrap nounput batch debug noinput
ACTION (?i:accuracy|allow|append|auditlog|block|capture|chain|deny|deprecatevar|drop|exec|expirevar|id:[0-9]+|id:'[0-9]+'|initcol|log|maturity|multiMatch|noauditlog|nolog|pass|pause|phase:[0-9]+|prepend|proxy|redirect:[A-Z0-9_\|\&\:\/\/\.]+|sanitiseArg|sanitiseMatched|sanitiseMatchedBytes|sanitiseRequestHeader|sanitiseResponseHeader|setuid|setrsc|setsid|setenv|skip|skipAfter|status:[0-9]+|ver|xmlns)
ACTION (?i:accuracy|allow|append|block|capture|chain|deny|deprecatevar|drop|exec|expirevar|id:[0-9]+|id:'[0-9]+'|initcol|log|maturity|multiMatch|noauditlog|nolog|pass|pause|phase:[0-9]+|prepend|proxy|redirect:[A-Z0-9_\|\&\:\/\/\.]+|sanitiseArg|sanitiseMatched|sanitiseMatchedBytes|sanitiseRequestHeader|sanitiseResponseHeader|setuid|setrsc|setsid|setenv|skip|skipAfter|status:[0-9]+|ver|xmlns)
ACTION_AUDIT_LOG (?i:auditlog)
ACTION_SEVERITY (?i:severity)
ACTION_SEVERITY_VALUE (?i:(EMERGENCY|ALERT|CRITICAL|ERROR|WARNING|NOTICE|INFO|DEBUG)|[0-9]+)
ACTION_SETVAR (?i:setvar)
@ -112,7 +113,7 @@ CONFIG_VALUE_ON On
CONFIG_VALUE_OFF Off
CONFIG_VALUE_DETC DetectionOnly
CONFIG_VALUE_SERIAL Serial
CONFIG_VALUE_PARALLEL Parallel
CONFIG_VALUE_PARALLEL (?i:Parallel|Concurrent)
CONFIG_VALUE_RELEVANT_ONLY RelevantOnly
CONFIG_VALUE_PROCESS_PARTIAL (?i:ProcessPartial)
@ -247,6 +248,7 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
}
{ACTION} { return yy::seclang_parser::make_ACTION(yytext, *driver.loc.back()); }
{ACTION_AUDIT_LOG} { return yy::seclang_parser::make_ACTION_AUDIT_LOG(yytext, *driver.loc.back()); }
{ACTION_SEVERITY}:{ACTION_SEVERITY_VALUE} { return yy::seclang_parser::make_ACTION_SEVERITY(yytext + 9, *driver.loc.back()); }
{ACTION_SEVERITY}:'{ACTION_SEVERITY_VALUE}' { return yy::seclang_parser::make_ACTION_SEVERITY(std::string(yytext, 10, yyleng - 11), *driver.loc.back()); }

2
src/utils.cc
View File

@ -73,7 +73,7 @@ double random_number(const double from, const double to) {
std::string dash_if_empty(const std::string& str) {
if (str.empty()) {
if (&str == NULL || str.empty()) {
return "-";
}