github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Having _NAMES, variables proxied

Browse Source 
Some variables share content with others; that is the case
for ARGS and ARGS_NAMES. Those are different in value, as
ARGS_NAMES holds the key name as value.

Instead of duplicating the strings for the different
collections, this patch unifies the collection in radix,
avoiding memory fragmentation. It is currently doing some
fragmentation while resolving the variable, but to be
mitigated by shared_ptr is VariableValues, a different
change.

TODO: place others variables such as COOKIE*NAMES to use
the same proxy.
This commit is contained in:
Felipe Zimmerle
2021-01-18 14:58:56 -03:00
parent dd458dedb8
commit e8bd2151f2
7 changed files with 359 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
test/test-cases/regression/offset-variable.json
View File

@@ -882,11 +882,11 @@
]
},
"expected":{
"error_log":"o0,1v228,1t:lowercase"
"error_log":"o0,1v228,1t:lowercase,t:trim"
},
"rules":[
"SecRequestBodyAccess On",
"SecRule REQUEST_COOKIES \"b\" \"id:1,phase:2,pass,t:lowercase,msg:'ops'\""
"SecRule REQUEST_COOKIES \"b\" \"id:1,phase:2,pass,t:lowercase,t:trim,msg:'ops'\""
]
},
{
@@ -1951,5 +1951,67 @@
"SecUploadDir /tmp",
"SecRule MULTIPART_NAME \"fiasdfasdfledata\" \"id:1,phase:3,pass,t:trim,msg:'s'\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Variable offset - ARGS n",
"request":{
"headers":{
"Host":"localhost",
"Content-Length": "27",
"Content-Type": "application/x-www-form-urlencoded"
},
"uri":"/index.html?param01=5555&bbbbbbbmy_id=6",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 403,
"error_log":"o0,1v42,1"
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS \"@contains 6\" \"id:1,phase:2,deny,status:403,log\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Variable offset - ARGS_NAMES n",
"request":{
"headers":{
"Host":"localhost",
"Content-Length": "27",
"Content-Type": "application/x-www-form-urlencoded"
},
"uri":"/index.html?param01=5555&bbbbbbbmy_id=6",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 403,
"error_log":"o7,5v29,12"
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS_NAMES \"@contains my_id\" \"id:1,phase:2,deny,status:403,log\""
]
}
]

52
test/test-cases/regression/variable-ARGS_NAMES.json
View File

@@ -164,6 +164,58 @@
"SecRuleEngine On",
"SecRule ARGS_NAMES \"@contains test \" \"id:1,phase:3,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: ARGS_POST_NAMES (3/x)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"multipart/form-data; boundary=0000",
"Expect":"100-continue"
},
"uri":"/",
"method":"POST",
"body":[
"--0000\r",
"Content-Disposition: form-data; name=\"name1\"\r",
"\r",
"content1\r",
"--0000\r",
"Content-Disposition: form-data; name=\"name2\"\r",
"\r",
"content2\r",
"--0000--\r"
]
},
"response":{
"headers":{
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"name1\" \\(Variable: ARGS_NAMES\\)"
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRule ARGS_NAMES \"@contains test \" \"id:1,phase:3,pass,t:trim\""
]
}
]

108
test/test-cases/regression/variable-ARGS_POST_NAMES.json
View File

@@ -2,7 +2,7 @@
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: ARGS_POST_NAMES (1/2)",
"title":"Testing Variables :: ARGS_POST_NAMES (1/x)",
"client":{
"ip":"200.249.12.31",
"port":123
@@ -46,7 +46,7 @@
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: ARGS_POST_NAMES (2/2)",
"title":"Testing Variables :: ARGS_POST_NAMES (2/x)",
"client":{
"ip":"200.249.12.31",
"port":123
@@ -86,6 +86,110 @@
"SecRuleEngine On",
"SecRule ARGS_POST_NAMES \"@contains test \" \"id:1,phase:3,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: ARGS_POST_NAMES (3/x)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"multipart/form-data; boundary=0000",
"Expect":"100-continue"
},
"uri":"/",
"method":"POST",
"body":[
"--0000\r",
"Content-Disposition: form-data; name=\"name1\"\r",
"\r",
"content1\r",
"--0000\r",
"Content-Disposition: form-data; name=\"name2\"\r",
"\r",
"content2\r",
"--0000--\r"
]
},
"response":{
"headers":{
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"name1\" \\(Variable: ARGS_POST_NAMES\\)"
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRule ARGS_POST_NAMES \"@contains test \" \"id:1,phase:3,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: ARGS_POST_NAMES (3/x)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"multipart/form-data; boundary=0000",
"Expect":"100-continue"
},
"uri":"/",
"method":"POST",
"body":[
"--0000\r",
"Content-Disposition: form-data; name=\"name1\"\r",
"\r",
"content1\r",
"--0000\r",
"Content-Disposition: form-data; name=\"name2\"\r",
"\r",
"content2\r",
"--0000--\r"
]
},
"response":{
"headers":{
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"error_log":"o0,5v206,5t:trim"
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRule ARGS_POST_NAMES \"@contains name1\" \"id:1,phase:3,pass,t:trim\""
]
}
]