mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-09-29 19:24:29 +03:00
Contionuation of 1 time variable patch
Now we have almost 100% of the transaction variables hosted on the new schema. Variable modifcators (count and exclusion) are not yet supported on the new schema. Notice that setvar is now using the parser.
This commit is contained in:
Felipe Zimmerle
committed by
Felipe Zimmerle
Felipe Zimmerle
parent
703da3c4f0
commit
e95555132e
@@ -66,7 +66,6 @@ noinst_HEADERS = \
|
||||
|
||||
|
||||
VARIABLES = \
|
||||
variables/args_names.cc \
|
||||
variables/duration.cc \
|
||||
variables/env.cc \
|
||||
variables/highest_severity.cc \
|
||||
|
||||
@@ -28,7 +28,8 @@ namespace ctl {
|
||||
bool RequestBodyProcessorJSON::evaluate(Rule *rule,
|
||||
Transaction *transaction) {
|
||||
transaction->m_requestBodyProcessor = Transaction::JSONRequestBody;
|
||||
transaction->m_collections.store("REQBODY_PROCESSOR", "JSON");
|
||||
transaction->m_variableReqbodyProcessor.set("JSON",
|
||||
transaction->m_variableOffset);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -28,7 +28,8 @@ namespace ctl {
|
||||
bool RequestBodyProcessorXML::evaluate(Rule *rule,
|
||||
Transaction *transaction) {
|
||||
transaction->m_requestBodyProcessor = Transaction::XMLRequestBody;
|
||||
transaction->m_collections.store("REQBODY_PROCESSOR", "XML");
|
||||
transaction->m_variableReqbodyProcessor.set("XML",
|
||||
transaction->m_variableOffset);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -49,7 +49,7 @@ bool SetSID::evaluate(Rule *rule, Transaction *t) {
|
||||
#endif
|
||||
|
||||
t->m_collections.m_session_collection_key = colNameExpanded;
|
||||
t->m_collections.storeOrUpdateFirst("SESSIONID", colNameExpanded);
|
||||
t->m_variableSessionID.set(colNameExpanded, t->m_variableOffset);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -49,7 +49,7 @@ bool SetUID::evaluate(Rule *rule, Transaction *t) {
|
||||
#endif
|
||||
|
||||
t->m_collections.m_user_collection_key = colNameExpanded;
|
||||
t->m_collections.storeOrUpdateFirst("USERID", colNameExpanded);
|
||||
t->m_variableUserID.set(colNameExpanded, t->m_variableOffset);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -31,6 +31,20 @@ namespace actions {
|
||||
bool SetVar::init(std::string *error) {
|
||||
size_t pos;
|
||||
|
||||
if (m_variableName.empty() == false) {
|
||||
pos = m_variableName.find(".");
|
||||
if (pos != std::string::npos) {
|
||||
m_collectionName = std::string(m_variableName, 0, pos);
|
||||
m_collectionName = utils::string::toupper(m_collectionName);
|
||||
m_variableName = std::string(m_variableName, pos + 1,
|
||||
m_variableName.size() - (pos + 1));
|
||||
} else {
|
||||
error->assign("Missing the collection and/or variable name");
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
// Resolv operation
|
||||
m_operation = setToOne;
|
||||
pos = m_parser_payload.find("=");
|
||||
|
||||
@@ -26,6 +26,16 @@ class Rule;
|
||||
|
||||
namespace actions {
|
||||
|
||||
enum SetVarOperation {
|
||||
/* Set variable to something */
|
||||
setOperation,
|
||||
/* read variable, sum predicate and set */
|
||||
sumAndSetOperation,
|
||||
/* read variable, substract predicate and set */
|
||||
substractAndSetOperation,
|
||||
/* set variable to 1 */
|
||||
setToOne
|
||||
};
|
||||
|
||||
class SetVar : public Action {
|
||||
public:
|
||||
@@ -35,20 +45,24 @@ class SetVar : public Action {
|
||||
m_variableName(""),
|
||||
m_predicate("") { }
|
||||
|
||||
SetVar(SetVarOperation operation,
|
||||
std::string variableName,
|
||||
std::string predicate) : Action("setvar"),
|
||||
m_operation(operation),
|
||||
m_predicate(predicate),
|
||||
m_collectionName(""),
|
||||
m_variableName(variableName) { }
|
||||
|
||||
SetVar(SetVarOperation operation,
|
||||
std::string variableName) : Action("setvar"),
|
||||
m_operation(operation),
|
||||
m_predicate(""),
|
||||
m_collectionName(""),
|
||||
m_variableName(variableName) { }
|
||||
|
||||
bool evaluate(Rule *rule, Transaction *transaction) override;
|
||||
bool init(std::string *error) override;
|
||||
|
||||
enum SetVarOperation {
|
||||
/* Set variable to something */
|
||||
setOperation,
|
||||
/* read variable, sum predicate and set */
|
||||
sumAndSetOperation,
|
||||
/* read variable, substract predicate and set */
|
||||
substractAndSetOperation,
|
||||
/* set variable to 1 */
|
||||
setToOne
|
||||
};
|
||||
|
||||
private:
|
||||
SetVarOperation m_operation;
|
||||
std::string m_collectionName;
|
||||
|
||||
@@ -66,7 +66,11 @@ std::string MacroExpansion::expand(const std::string& input,
|
||||
std::string *variableValue = NULL;
|
||||
size_t collection = variable.find(".");
|
||||
if (collection == std::string::npos) {
|
||||
variableValue = transaction->m_collections.resolveFirst(variable);
|
||||
if (utils::string::toupper(variable) == "MATCHED_VAR") {
|
||||
variableValue = transaction->m_variableMatchedVar.evaluate();
|
||||
} else {
|
||||
variableValue = transaction->m_collections.resolveFirst(variable);
|
||||
}
|
||||
} else {
|
||||
std::string col = std::string(variable, 0, collection);
|
||||
std::string var = std::string(variable, collection + 1,
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@@ -146,15 +146,67 @@ class Driver;
|
||||
#include "src/utils/system.h"
|
||||
#include "src/variables/args_names.h"
|
||||
#include "src/variables/xml.h"
|
||||
#include "src/variables/args_combined_size.h"
|
||||
#include "src/variables/args_get_names.h"
|
||||
#include "src/variables/args_names.h"
|
||||
#include "src/variables/args_post_names.h"
|
||||
#include "src/variables/auth_type.h"
|
||||
#include "src/variables/duration.h"
|
||||
#include "src/variables/env.h"
|
||||
#include "src/variables/files_combined_size.h"
|
||||
#include "src/variables/files_tmp_names.h"
|
||||
#include "src/variables/full_request.h"
|
||||
#include "src/variables/full_request_length.h"
|
||||
#include "src/variables/highest_severity.h"
|
||||
#include "src/variables/inbound_data_error.h"
|
||||
#include "src/variables/matched_var.h"
|
||||
#include "src/variables/matched_var_name.h"
|
||||
#include "src/variables/modsec_build.h"
|
||||
#include "src/variables/multipart_crlf_lf_line.h"
|
||||
#include "src/variables/multipart_data_after.h"
|
||||
#include "src/variables/multipart_file_limit_exceeded.h"
|
||||
#include "src/variables/multipart_header_folding.h"
|
||||
#include "src/variables/multipart_invalid_header_folding.h"
|
||||
#include "src/variables/multipart_invalid_quoting.h"
|
||||
#include "src/variables/multipart_strict_error.h"
|
||||
#include "src/variables/multipart_unmatched_boundary.h"
|
||||
#include "src/variables/outbound_data_error.h"
|
||||
#include "src/variables/path_info.h"
|
||||
#include "src/variables/query_string.h"
|
||||
#include "src/variables/remote_addr.h"
|
||||
#include "src/variables/remote_host.h"
|
||||
#include "src/variables/remote_port.h"
|
||||
#include "src/variables/remote_user.h"
|
||||
#include "src/variables/reqbody_error.h"
|
||||
#include "src/variables/reqbody_error_msg.h"
|
||||
#include "src/variables/reqbody_processor_error.h"
|
||||
#include "src/variables/reqbody_processor_error_msg.h"
|
||||
#include "src/variables/reqbody_processor.h"
|
||||
#include "src/variables/request_base_name.h"
|
||||
#include "src/variables/request_body.h"
|
||||
#include "src/variables/request_body_length.h"
|
||||
#include "src/variables/request_file_name.h"
|
||||
#include "src/variables/request_headers_names.h"
|
||||
#include "src/variables/request_line.h"
|
||||
#include "src/variables/request_method.h"
|
||||
#include "src/variables/request_protocol.h"
|
||||
#include "src/variables/request_uri.h"
|
||||
#include "src/variables/request_uri_raw.h"
|
||||
#include "src/variables/resources.h"
|
||||
#include "src/variables/response_body.h"
|
||||
#include "src/variables/response_content_length.h"
|
||||
#include "src/variables/response_content_type.h"
|
||||
#include "src/variables/response_headers_names.h"
|
||||
#include "src/variables/response_protocol.h"
|
||||
#include "src/variables/response_status.h"
|
||||
#include "src/variables/rule.h"
|
||||
#include "src/variables/time.h"
|
||||
#include "src/variables/server_addr.h"
|
||||
#include "src/variables/server_name.h"
|
||||
#include "src/variables/server_port.h"
|
||||
#include "src/variables/session_id.h"
|
||||
#include "src/variables/time_day.h"
|
||||
#include "src/variables/time_epoch.h"
|
||||
#include "src/variables/time.h"
|
||||
#include "src/variables/time_hour.h"
|
||||
#include "src/variables/time_min.h"
|
||||
#include "src/variables/time_mon.h"
|
||||
@@ -162,6 +214,11 @@ class Driver;
|
||||
#include "src/variables/time_wday.h"
|
||||
#include "src/variables/time_year.h"
|
||||
#include "src/variables/tx.h"
|
||||
#include "src/variables/unique_id.h"
|
||||
#include "src/variables/url_encoded_error.h"
|
||||
#include "src/variables/user_id.h"
|
||||
#include "src/variables/variable.h"
|
||||
#include "src/variables/xml.h"
|
||||
#include "src/variables/variations/count.h"
|
||||
#include "src/variables/variations/exclusion.h"
|
||||
|
||||
@@ -258,8 +315,66 @@ using modsecurity::operators::Operator;
|
||||
COMMA ","
|
||||
PIPE
|
||||
NEW_LINE
|
||||
VARIABLE_ARGS_NAMES "Variable ARGS_NAMES"
|
||||
;
|
||||
VARIABLE_ARGS_COMBINED_SIZE
|
||||
VARIABLE_ARGS_GET_NAMES
|
||||
VARIABLE_ARGS_NAMES "Variable ARGS_NAMES"
|
||||
VARIABLE_ARGS_POST_NAMES
|
||||
VARIABLE_AUTH_TYPE "AUTH_TYPE"
|
||||
VARIABLE_FILES_COMBINED_SIZE "FILES_COMBINED_SIZE"
|
||||
VARIABLE_FILES_TMP_NAMES "FILES_TMPNAMES"
|
||||
VARIABLE_FULL_REQUEST "FULL_REQUEST"
|
||||
VARIABLE_FULL_REQUEST_LENGTH "FULL_REQUEST_LENGTH"
|
||||
VARIABLE_INBOUND_DATA_ERROR "INBOUND_DATA_ERROR"
|
||||
VARIABLE_MATCHED_VAR "MATCHED_VAR"
|
||||
VARIABLE_MATCHED_VAR_NAME "MATCHED_VAR_NAME"
|
||||
VARIABLE_MULTIPART_CRLF_LF_LINES "MULTIPART_CRLF_LF_LINES"
|
||||
VARIABLE_MULTIPART_DATA_AFTER "MULTIPART_DATA_AFTER"
|
||||
VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED "MULTIPART_FILE_LIMIT_EXCEEDED"
|
||||
VARIABLE_MULTIPART_HEADER_FOLDING "MULTIPART_HEADER_FOLDING"
|
||||
VARIABLE_MULTIPART_INVALID_HEADER_FOLDING "MULTIPART_INVALID_HEADER_FOLDING"
|
||||
VARIABLE_MULTIPART_INVALID_QUOTING "MULTIPART_INVALID_QUOTING"
|
||||
VARIABLE_MULTIPART_STRICT_ERROR "MULTIPART_STRICT_ERROR"
|
||||
VARIABLE_MULTIPART_UNMATCHED_BOUNDARY "MULTIPART_UNMATCHED_BOUNDARY"
|
||||
VARIABLE_OUTBOUND_DATA_ERROR "OUTBOUND_DATA_ERROR"
|
||||
VARIABLE_PATH_INFO "PATH_INFO"
|
||||
VARIABLE_QUERY_STRING "QUERY_STRING"
|
||||
VARIABLE_REMOTE_ADDR "REMOTE_ADDR"
|
||||
VARIABLE_REMOTE_HOST "REMOTE_HOST"
|
||||
VARIABLE_REMOTE_PORT "REMOTE_PORT"
|
||||
VARIABLE_REQBODY_ERROR_MSG "REQBODY_ERROR_MSG"
|
||||
VARIABLE_REQBODY_ERROR "REQBODY_ERROR"
|
||||
VARIABLE_REQBODY_PROCESSOR_ERROR_MSG "REQBODY_PROCESSOR_ERROR_MSG"
|
||||
VARIABLE_REQBODY_PROCESSOR_ERROR "REQBODY_PROCESSOR_ERROR"
|
||||
VARIABLE_REQBODY_PROCESSOR "REQBODY_PROCESSOR"
|
||||
VARIABLE_REQUEST_BASENAME "REQUEST_BASENAME"
|
||||
VARIABLE_REQUEST_BODY_LENGTH "REQUEST_BODY_LENGTH"
|
||||
VARIABLE_REQUEST_BODY "REQUEST_BODY"
|
||||
VARIABLE_REQUEST_FILE_NAME "REQUEST_FILENAME"
|
||||
VARIABLE_REQUEST_HEADERS_NAMES
|
||||
VARIABLE_REQUEST_LINE "REQUEST_LINE"
|
||||
VARIABLE_REQUEST_METHOD "REQUEST_METHOD"
|
||||
VARIABLE_REQUEST_PROTOCOL "REQUEST_PROTOCOL"
|
||||
VARIABLE_REQUEST_URI_RAW "REQUEST_URI_RAW"
|
||||
VARIABLE_REQUEST_URI "REQUEST_URI"
|
||||
VARIABLE_RESOURCE "RESOURCE"
|
||||
VARIABLE_RESPONSE_BODY "RESPONSE_BODY"
|
||||
VARIABLE_RESPONSE_CONTENT_LENGTH "RESPONSE_CONTENT_LENGTH"
|
||||
VARIABLE_RESPONSE_CONTENT_TYPE
|
||||
VARIABLE_RESPONSE_HEADERS_NAMES
|
||||
VARIABLE_RESPONSE_PROTOCOL "RESPONSE_PROTOCOL"
|
||||
VARIABLE_RESPONSE_STATUS "RESPONSE_STATUS"
|
||||
VARIABLE_SERVER_ADDR "SERVER_ADDR"
|
||||
VARIABLE_SERVER_NAME "SERVER_NAME"
|
||||
VARIABLE_SERVER_PORT "SERVER_PORT"
|
||||
VARIABLE_SESSION_ID "SESSIONID"
|
||||
VARIABLE_UNIQUE_ID "UNIQUE_ID"
|
||||
VARIABLE_URL_ENCODED_ERROR "URLENCODED_ERROR"
|
||||
VARIABLE_USER_ID "USERID"
|
||||
ACTION_SETVAR "SetVar"
|
||||
SETVAR_OPERATION_EQUALS
|
||||
SETVAR_OPERATION_EQUALS_PLUS
|
||||
SETVAR_OPERATION_EQUALS_MINUS
|
||||
;
|
||||
|
||||
%token <std::string>
|
||||
ACTION_ACCURACY "Accuracy"
|
||||
@@ -309,7 +424,6 @@ using modsecurity::operators::Operator;
|
||||
ACTION_SETRSC "SetSrc"
|
||||
ACTION_SETSID "SetSid"
|
||||
ACTION_SETUID "SetUID"
|
||||
ACTION_SETVAR "SetVar"
|
||||
ACTION_SEVERITY "Severity"
|
||||
ACTION_SKIP "Skip"
|
||||
ACTION_SKIP_AFTER "SkipAfter"
|
||||
@@ -1142,22 +1256,275 @@ var:
|
||||
std::unique_ptr<Variable> c(new Variables::ArgsNames());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE
|
||||
| VARIABLE_ARGS_GET_NAMES
|
||||
{
|
||||
std::string name($1);
|
||||
char z = name.at(0);
|
||||
if (z == '&') {
|
||||
name.erase(0, 1);
|
||||
std::unique_ptr<Variable> c(new Count(new Variable(name, Variable::VariableKind::DirectVariable)));
|
||||
$$ = std::move(c);
|
||||
} else if (z == '!') {
|
||||
name.erase(0, 1);
|
||||
std::unique_ptr<Variable> c(new Exclusion(new Variable(name, Variable::VariableKind::DirectVariable)));
|
||||
$$ = std::move(c);
|
||||
} else {
|
||||
std::unique_ptr<Variable> c(new Variable(name, Variable::VariableKind::DirectVariable));
|
||||
$$ = std::move(c);
|
||||
}
|
||||
std::unique_ptr<Variable> c(new Variables::ArgsGetNames());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_ARGS_POST_NAMES
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::ArgsPostNames());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REQUEST_HEADERS_NAMES
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::RequestHeadersNames());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_RESPONSE_CONTENT_TYPE
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::ResponseContentType());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_RESPONSE_HEADERS_NAMES
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::ResponseHeadersNames());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_ARGS_COMBINED_SIZE
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::ArgsCombinedSize());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_AUTH_TYPE
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::AuthType());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_FILES_COMBINED_SIZE
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::FilesCombinedSize());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_FILES_TMP_NAMES
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::FilesTmpNames());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_FULL_REQUEST
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::FullRequest());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_FULL_REQUEST_LENGTH
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::FullRequestLength());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_INBOUND_DATA_ERROR
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::InboundDataError());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_MATCHED_VAR
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::MatchedVar());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_MATCHED_VAR_NAME
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::MatchedVarName());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_MULTIPART_CRLF_LF_LINES
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::MultipartCrlfLFLines());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_MULTIPART_DATA_AFTER
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::MultipartDateAfter());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::MultipartFileLimitExceeded());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_MULTIPART_HEADER_FOLDING
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::MultipartHeaderFolding());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_MULTIPART_INVALID_HEADER_FOLDING
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::MultipartInvalidHeaderFolding());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_MULTIPART_INVALID_QUOTING
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::MultipartInvalidQuoting());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_MULTIPART_STRICT_ERROR
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::MultipartStrictError());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_MULTIPART_UNMATCHED_BOUNDARY
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::MultipartUnmatchedBoundary());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_OUTBOUND_DATA_ERROR
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::OutboundDataError());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_PATH_INFO
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::PathInfo());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_QUERY_STRING
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::QueryString());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REMOTE_ADDR
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::RemoteAddr());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REMOTE_HOST
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::RemoteHost());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REMOTE_PORT
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::RemotePort());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REQBODY_ERROR
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::ReqbodyError());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REQBODY_ERROR_MSG
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::ReqbodyErrorMsg());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REQBODY_PROCESSOR
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::ReqbodyProcessor());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REQBODY_PROCESSOR_ERROR
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::ReqbodyProcessorError());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REQBODY_PROCESSOR_ERROR_MSG
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::ReqbodyProcessorErrorMsg());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REQUEST_BASENAME
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::RequestBasename());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REQUEST_BODY
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::RequestBody());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REQUEST_BODY_LENGTH
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::RequestBodyLength());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REQUEST_FILE_NAME
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::RequestFilename());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REQUEST_LINE
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::RequestLine());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REQUEST_METHOD
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::RequestMethod());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REQUEST_PROTOCOL
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::RequestProtocol());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REQUEST_URI
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::RequestURI());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_REQUEST_URI_RAW
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::RequestURIRaw());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_RESOURCE
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::Resource());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_RESPONSE_BODY
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::ResponseBody());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_RESPONSE_CONTENT_LENGTH
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::ResponseContentLength());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_RESPONSE_PROTOCOL
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::ResponseProtocol());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_RESPONSE_STATUS
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::ResponseStatus());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_SERVER_ADDR
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::ServerAddr());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_SERVER_NAME
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::ServerName());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_SERVER_PORT
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::ServerPort());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_SESSION_ID
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::SessionID());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_UNIQUE_ID
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::UniqueID());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_URL_ENCODED_ERROR
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::UrlEncodedError());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_USER_ID
|
||||
{
|
||||
std::unique_ptr<Variable> c(new Variables::UserID());
|
||||
$$ = std::move(c);
|
||||
}
|
||||
| VARIABLE_STATUS
|
||||
{
|
||||
@@ -1450,20 +1817,9 @@ var:
|
||||
}
|
||||
| RUN_TIME_VAR_XML
|
||||
{
|
||||
std::string name($1);
|
||||
char z = name.at(0);
|
||||
if (z == '&') {
|
||||
name.erase(0, 1);
|
||||
std::unique_ptr<Variable> c(new Count(new XML(name)));
|
||||
$$ = std::move(c);
|
||||
} else if (z == '!') {
|
||||
name.erase(0, 1);
|
||||
std::unique_ptr<Variable> c(new Exclusion(new XML(name)));
|
||||
$$ = std::move(c);
|
||||
} else {
|
||||
std::string name($1);
|
||||
std::unique_ptr<Variable> c(new XML(name));
|
||||
$$ = std::move(c);
|
||||
}
|
||||
}
|
||||
| RUN_TIME_VAR_RULE
|
||||
{
|
||||
@@ -1707,9 +2063,21 @@ act:
|
||||
{
|
||||
ACTION_CONTAINER($$, new actions::SetUID($1));
|
||||
}
|
||||
| ACTION_SETVAR
|
||||
| ACTION_SETVAR VARIABLE
|
||||
{
|
||||
ACTION_CONTAINER($$, new actions::SetVar($1));
|
||||
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::setToOne, $2));
|
||||
}
|
||||
| ACTION_SETVAR VARIABLE SETVAR_OPERATION_EQUALS FREE_TEXT
|
||||
{
|
||||
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::setOperation, $2, $4));
|
||||
}
|
||||
| ACTION_SETVAR VARIABLE SETVAR_OPERATION_EQUALS_PLUS FREE_TEXT
|
||||
{
|
||||
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::sumAndSetOperation, $2, $4));
|
||||
}
|
||||
| ACTION_SETVAR VARIABLE SETVAR_OPERATION_EQUALS_MINUS FREE_TEXT
|
||||
{
|
||||
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::substractAndSetOperation, $2, $4));
|
||||
}
|
||||
| ACTION_SEVERITY
|
||||
{
|
||||
|
||||
@@ -172,6 +172,8 @@ CONGIG_DIR_SEC_DATA_DIR (?i:SecDataDir)
|
||||
CONGIG_DIR_SEC_STATUS_ENGINE (?i:SecStatusEngine)
|
||||
CONGIG_DIR_SEC_TMP_DIR (?i:SecTmpDir)
|
||||
DICT_ELEMENT [^ \t|]+
|
||||
DICT_ELEMENT_TWO [^\"\=]+
|
||||
DICT_ELEMENT_TWO2 [A-Za-z_ -\%\{\.\}\-\/]+
|
||||
DIRECTIVE (?i:SecRule)
|
||||
DIRECTIVE_SECRULESCRIPT (?i:SecRuleScript)
|
||||
FREE_TEXT_NEW_LINE [^\"|\n]+
|
||||
@@ -180,6 +182,7 @@ FREE_TEXT_QUOTE_COMMA [^,\']+
|
||||
FREE_TEXT_SPACE [^ \t]+
|
||||
FREE_TEXT_SPACE_COMMA [^, \t]+
|
||||
FREE_TEXT_SPACE_COMMA_QUOTE [^, \t\"\n\r]+
|
||||
FREE_TEXT_COMMA_QUOTE [^,\"\\n\\r]+
|
||||
NEW_LINE_FREE_TEXT [^, \t\"\n\r]+
|
||||
|
||||
OPERATOR_UNCONDITIONAL_MATCH (?i:@unconditionalMatch)
|
||||
@@ -243,19 +246,87 @@ RUN_TIME_VAR_TIME_SEC (?i:TIME_SEC)
|
||||
RUN_TIME_VAR_TIME_WDAY (?i:TIME_WDAY)
|
||||
RUN_TIME_VAR_TIME_YEAR (?i:TIME_YEAR)
|
||||
RUN_TIME_VAR_XML (?i:XML)
|
||||
VARIABLENOCOLON (?i:URLENCODED_ERROR|REQBODY_PROCESSOR_ERROR_MSG|REQBODY_PROCESSOR_ERROR|REQBODY_PROCESSOR|REQBODY_ERROR_MSG|REQBODY_ERROR|MULTIPART_FILE_LIMIT_EXCEEDED|MULTIPART_INVALID_QUOTING|MULTIPART_HEADER_FOLDING|MULTIPART_INVALID_HEADER_FOLDING|MULTIPART_STRICT_ERROR|MULTIPART_UNMATCHED_BOUNDARY|REMOTE_ADDR|REQUEST_LINE)
|
||||
VARIABLE (?i:(SERVER_NAME|MULTIPART_DATA_AFTER|RESOURCE|ARGS_COMBINED_SIZE|ARGS_GET_NAMES|ARGS_POST_NAMES|FILES_TMPNAMES|FILES_COMBINED_SIZE|FULL_REQUEST_LENGTH|REQUEST_BODY_LENGTH|REQUEST_URI_RAW|UNIQUE_ID|SERVER_PORT|SERVER_ADDR|REMOTE_PORT|REMOTE_HOST|PATH_INFO|MULTIPART_CRLF_LF_LINES|MATCHED_VAR_NAME|MATCHED_VAR|INBOUND_DATA_ERROR|OUTBOUND_DATA_ERROR|FULL_REQUEST|AUTH_TYPE|REMOTE_ADDR|REQUEST_BASENAME|REQUEST_BODY|REQUEST_FILENAME|REQUEST_HEADERS_NAMES|REQUEST_METHOD|REQUEST_PROTOCOL|REQUEST_URI|RESPONSE_BODY|RESPONSE_CONTENT_LENGTH|RESPONSE_CONTENT_TYPE|RESPONSE_HEADERS_NAMES|RESPONSE_PROTOCOL|RESPONSE_STATUS|USERID|SESSIONID))
|
||||
VARIABLE_ARGS_NAMES (?i:ARGS_NAMES)
|
||||
VARIABLE_COL (?i:(SESSION|GLOBAL|ARGS_POST|ARGS_GET|ARGS|FILES_SIZES|FILES_NAMES|FILES_TMP_CONTENT|MULTIPART_FILENAME|MULTIPART_NAME|MATCHED_VARS_NAMES|MATCHED_VARS|FILES|QUERY_STRING|REQUEST_COOKIES|REQUEST_HEADERS|RESPONSE_HEADERS|GEO|IP|REQUEST_COOKIES_NAMES))
|
||||
|
||||
|
||||
VARIABLE_ARGS_COMBINED_SIZE (?i:ARGS_COMBINED_SIZE)
|
||||
VARIABLE_ARGS_GET_NAMES (?i:ARGS_GET_NAMES)
|
||||
VARIABLE_ARGS_NAMES (?i:ARGS_NAMES)
|
||||
VARIABLE_ARGS_POST_NAMES (?i:ARGS_POST_NAMES)
|
||||
VARIABLE_AUTH_TYPE (?i:AUTH_TYPE)
|
||||
VARIABLE_FILES_COMBINED_SIZE (?i:FILES_COMBINED_SIZE)
|
||||
VARIABLE_FILES_TMP_NAMES (?i:FILES_TMPNAMES)
|
||||
VARIABLE_FULL_REQUEST (?i:FULL_REQUEST)
|
||||
VARIABLE_FULL_REQUEST_LENGTH (?i:FULL_REQUEST_LENGTH)
|
||||
VARIABLE_INBOUND_DATA_ERROR (?i:INBOUND_DATA_ERROR)
|
||||
VARIABLE_MATCHED_VAR (?i:MATCHED_VAR)
|
||||
VARIABLE_MATCHED_VAR_NAME (?i:MATCHED_VAR_NAME)
|
||||
VARIABLE_MULTIPART_CRLF_LF_LINES (?i:MULTIPART_CRLF_LF_LINES)
|
||||
VARIABLE_MULTIPART_DATA_AFTER (?i:MULTIPART_DATA_AFTER)
|
||||
VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED (?i:MULTIPART_FILE_LIMIT_EXCEEDED)
|
||||
VARIABLE_MULTIPART_HEADER_FOLDING (?i:MULTIPART_HEADER_FOLDING)
|
||||
VARIABLE_MULTIPART_INVALID_HEADER_FOLDING (?i:MULTIPART_INVALID_HEADER_FOLDING)
|
||||
VARIABLE_MULTIPART_INVALID_QUOTING (?i:MULTIPART_INVALID_QUOTING)
|
||||
VARIABLE_MULTIPART_STRICT_ERROR (?i:MULTIPART_STRICT_ERROR)
|
||||
VARIABLE_MULTIPART_UNMATCHED_BOUNDARY (?i:MULTIPART_UNMATCHED_BOUNDARY)
|
||||
VARIABLE_OUTBOUND_DATA_ERROR (?i:OUTBOUND_DATA_ERROR)
|
||||
VARIABLE_PATH_INFO (?i:PATH_INFO)
|
||||
VARIABLE_QUERY_STRING (?i:QUERY_STRING)
|
||||
VARIABLE_REMOTE_ADDR (?i:REMOTE_ADDR)
|
||||
VARIABLE_REMOTE_HOST (?i:REMOTE_HOST)
|
||||
VARIABLE_REMOTE_PORT (?i:REMOTE_PORT)
|
||||
VARIABLE_REQBODY_ERROR (?i:REQBODY_ERROR)
|
||||
VARIABLE_REQBODY_ERROR_MSG (?i:REQBODY_ERROR_MSG)
|
||||
VARIABLE_REQBODY_PROCESSOR_ERROR (?i:REQBODY_PROCESSOR_ERROR)
|
||||
VARIABLE_REQBODY_PROCESSOR_ERROR_MSG (?i:REQBODY_PROCESSOR_ERROR_MSG)
|
||||
VARIABLE_REQBODY_PROCESSOR (?i:REQBODY_PROCESSOR)
|
||||
VARIABLE_REQUEST_BASENAME (?i:REQUEST_BASENAME)
|
||||
VARIABLE_REQUEST_BODY (?i:REQUEST_BODY)
|
||||
VARIABLE_REQUEST_BODY_LENGTH (?i:REQUEST_BODY_LENGTH)
|
||||
VARIABLE_REQUEST_FILE_NAME (?i:REQUEST_FILENAME)
|
||||
VARIABLE_REQUEST_HEADERS_NAMES (?i:REQUEST_HEADERS_NAMES)
|
||||
VARIABLE_REQUEST_LINE (?i:REQUEST_LINE)
|
||||
VARIABLE_REQUEST_METHOD (?i:REQUEST_METHOD)
|
||||
VARIABLE_REQUEST_PROTOCOL (?i:REQUEST_PROTOCOL)
|
||||
VARIABLE_REQUEST_URI (?i:REQUEST_URI)
|
||||
VARIABLE_REQUEST_URI_RAW (?i:REQUEST_URI_RAW)
|
||||
VARIABLE_RESOURCE (?i:RESOURCE)
|
||||
VARIABLE_RESPONSE_BODY (?i:RESPONSE_BODY)
|
||||
VARIABLE_RESPONSE_CONTENT_LENGTH (?i:RESPONSE_CONTENT_LENGTH)
|
||||
VARIABLE_RESPONSE_CONTENT_TYPE (?i:RESPONSE_CONTENT_TYPE)
|
||||
VARIABLE_RESPONSE_HEADERS_NAMES (?i:RESPONSE_HEADERS_NAMES)
|
||||
VARIABLE_RESPONSE_PROTOCOL (?i:RESPONSE_PROTOCOL)
|
||||
VARIABLE_RESPONSE_STATUS (?i:RESPONSE_STATUS)
|
||||
VARIABLE_SERVER_ADDR (?i:SERVER_ADDR)
|
||||
VARIABLE_SERVER_NAME (?i:SERVER_NAME)
|
||||
VARIABLE_SERVER_PORT (?i:SERVER_PORT)
|
||||
VARIABLE_SESSION_ID (?i:SESSIONID)
|
||||
VARIABLE_UNIQUE_ID (?i:UNIQUE_ID)
|
||||
VARIABLE_URL_ENCODED_ERROR (?i:URLENCODED_ERROR)
|
||||
VARIABLE_USER_ID (?i:USERID)
|
||||
VARIABLE_WEBSERVER_ERROR_LOG (?:WEBSERVER_ERROR_LOG)
|
||||
|
||||
|
||||
|
||||
|
||||
VARIABLE_COL (?i:(GLOBAL|ARGS_POST|ARGS_GET|ARGS|FILES_SIZES|FILES_NAMES|FILES_TMP_CONTENT|MULTIPART_FILENAME|MULTIPART_NAME|MATCHED_VARS_NAMES|MATCHED_VARS|FILES|REQUEST_COOKIES|REQUEST_HEADERS|RESPONSE_HEADERS|GEO|REQUEST_COOKIES_NAMES))
|
||||
VARIABLE_SESSION (?i:(SESSION))
|
||||
VARIABLE_IP (?i:(IP))
|
||||
VARIABLE_USER (?i:(USER))
|
||||
|
||||
VARIABLE_STATUS (?i:(STATUS[^:]))
|
||||
VARIABLE_TX (?i:TX)
|
||||
VARIABLE_WEBSERVER_ERROR_LOG (?:WEBSERVER_ERROR_LOG)
|
||||
VAR_FREE_TEXT_QUOTE ([^\']|([^\\]\\\'))+
|
||||
VAR_FREE_TEXT_SPACE [^ \t\"]+
|
||||
VAR_FREE_TEXT_SPACE_COMMA [^, \t\"]+
|
||||
|
||||
NEW_LINE [\n\r]+
|
||||
|
||||
EQUALS (?i:=)
|
||||
EQUALS_PLUS (?i:=\+)
|
||||
EQUALS_MINUS (?i:=\-)
|
||||
|
||||
|
||||
|
||||
%x TRANSACTION_TO_VARIABLE
|
||||
%x EXPECTING_VARIABLE
|
||||
%x TRANSACTION_FROM_VARIABLE_TO_OPERATOR
|
||||
@@ -269,6 +340,9 @@ NEW_LINE [\n\r]+
|
||||
%x FINISH_ACTIONS
|
||||
%x LEXING_ERROR
|
||||
%x LEXING_ERROR_ACTION
|
||||
%x SETVAR_ACTION_WAITING_VARIABLE
|
||||
%x SETVAR_ACTION_WAITING_OPERATION
|
||||
%x SETVAR_ACTION_WAITING_CONTENT
|
||||
|
||||
%{
|
||||
// Code run each time a pattern is matched.
|
||||
@@ -343,10 +417,10 @@ NEW_LINE [\n\r]+
|
||||
{ACTION_SETSID}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETSID(yytext, *driver.loc.back()); }
|
||||
{ACTION_SETUID}:'{VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETUID(yytext, *driver.loc.back()); }
|
||||
{ACTION_SETUID}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETUID(yytext, *driver.loc.back()); }
|
||||
{ACTION_SETVAR}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETVAR(yytext, *driver.loc.back()); }
|
||||
{ACTION_SETVAR}:'{VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETVAR(yytext, *driver.loc.back()); }
|
||||
{ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETVAR(yytext, *driver.loc.back()); }
|
||||
{ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETVAR(yytext, *driver.loc.back()); }
|
||||
|
||||
{ACTION_SETVAR}: { BEGIN(SETVAR_ACTION_WAITING_VARIABLE); return p::make_ACTION_SETVAR(*driver.loc.back()); }
|
||||
|
||||
|
||||
{ACTION_SEVERITY}:'{ACTION_SEVERITY_VALUE}' { return p::make_ACTION_SEVERITY(yytext, *driver.loc.back()); }
|
||||
{ACTION_SEVERITY}:{ACTION_SEVERITY_VALUE} { return p::make_ACTION_SEVERITY(yytext, *driver.loc.back()); }
|
||||
{ACTION_SKIP_AFTER}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return p::make_ACTION_SKIP_AFTER(yytext, *driver.loc.back()); }
|
||||
@@ -402,6 +476,51 @@ NEW_LINE [\n\r]+
|
||||
. { BEGIN(LEXING_ERROR_ACTION); yyless(0); }
|
||||
}
|
||||
|
||||
<SETVAR_ACTION_WAITING_VARIABLE>{
|
||||
\'* { }
|
||||
\"* { }
|
||||
{VARIABLE_TX}(\:[\']{DICT_ELEMENT_TWO}[\'])? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
{VARIABLE_TX}(\:{DICT_ELEMENT_TWO})? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
{VARIABLE_TX}(\.[\']{DICT_ELEMENT_TWO}[\'])? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
{VARIABLE_TX}(\.{DICT_ELEMENT_TWO})? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
{VARIABLE_SESSION}(\:[\']{DICT_ELEMENT_TWO}[\'])? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
{VARIABLE_SESSION}(\:{DICT_ELEMENT_TWO})? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
{VARIABLE_SESSION}(\.[\']{DICT_ELEMENT_TWO}[\'])? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
{VARIABLE_SESSION}(\.{DICT_ELEMENT_TWO})? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
{VARIABLE_IP}(\:[\']{DICT_ELEMENT_TWO}[\'])? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
{VARIABLE_IP}(\:{DICT_ELEMENT_TWO})? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
{VARIABLE_IP}(\.[\']{DICT_ELEMENT_TWO}[\'])? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
{VARIABLE_IP}(\.{DICT_ELEMENT_TWO})? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
{VARIABLE_USER}(\:[\']{DICT_ELEMENT_TWO}[\'])? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
{VARIABLE_USER}(\:{DICT_ELEMENT_TWO})? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
{VARIABLE_USER}(\.[\']{DICT_ELEMENT_TWO}[\'])? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
{VARIABLE_USER}(\.{DICT_ELEMENT_TWO})? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
. { BEGIN(LEXING_ERROR_ACTION); yyless(0); }
|
||||
[ \t]*\\\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
|
||||
[ \t]*\\\r\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
<SETVAR_ACTION_WAITING_OPERATION>{
|
||||
[ \t]*\n { BEGIN(INITIAL); yyless(1); }
|
||||
[ \t]*\r\n { BEGIN(INITIAL); driver.loc.back()->lines(1); driver.loc.back()->step(); }
|
||||
[ \t]*\n { BEGIN(EXPECTING_ACTIONS); yyless(yyleng); driver.loc.back()->lines(1); driver.loc.back()->step(); }
|
||||
[ \t]*\r\n { BEGIN(EXPECTING_ACTIONS); yyless(yyleng); driver.loc.back()->lines(1); driver.loc.back()->step(); }
|
||||
[ \t]*\"[ \t]* { }
|
||||
[ \t]*\'[ \t]* { }
|
||||
\"[ \t]*\n { BEGIN(EXPECTING_ACTIONS); yyless(1); }
|
||||
\"[ \t]*\r\n { BEGIN(EXPECTING_ACTIONS); driver.loc.back()->lines(1); driver.loc.back()->step(); }
|
||||
{EQUALS_PLUS} { BEGIN(SETVAR_ACTION_WAITING_CONTENT); return p::make_SETVAR_OPERATION_EQUALS_PLUS(*driver.loc.back()); }
|
||||
{EQUALS_MINUS} { BEGIN(SETVAR_ACTION_WAITING_CONTENT); return p::make_SETVAR_OPERATION_EQUALS_MINUS(*driver.loc.back()); }
|
||||
{EQUALS} { BEGIN(SETVAR_ACTION_WAITING_CONTENT); return p::make_SETVAR_OPERATION_EQUALS(*driver.loc.back()); }
|
||||
. { BEGIN(LEXING_ERROR_ACTION); yyless(0); }
|
||||
}
|
||||
|
||||
<SETVAR_ACTION_WAITING_CONTENT>{
|
||||
[^,"\n]+ { BEGIN(EXPECTING_ACTIONS); return p::make_FREE_TEXT(yytext, *driver.loc.back()); }
|
||||
}
|
||||
|
||||
<FINISH_ACTIONS>{
|
||||
<<EOF>> { BEGIN(INITIAL); yyless(0); p::make_NEW_LINE(*driver.loc.back()); }
|
||||
@@ -488,7 +607,6 @@ NEW_LINE [\n\r]+
|
||||
|
||||
|
||||
<EXPECTING_VARIABLE>{
|
||||
{VARIABLE_ARGS_NAMES} { return p::make_VARIABLE_ARGS_NAMES(*driver.loc.back()); }
|
||||
|
||||
[!&]?{RUN_TIME_VAR_BLD} { return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
|
||||
[!&]?{RUN_TIME_VAR_DUR} { return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
|
||||
@@ -508,15 +626,18 @@ NEW_LINE [\n\r]+
|
||||
[!&]?{RUN_TIME_VAR_TIME} { return p::make_RUN_TIME_VAR_TIME(yytext, *driver.loc.back()); }
|
||||
[!&]?{RUN_TIME_VAR_XML}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
|
||||
[!&]?{RUN_TIME_VAR_XML}(\:{DICT_ELEMENT})? { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
|
||||
[!&]?{VARIABLENOCOLON} { return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
[!&]?{VARIABLE_COL}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||
[!&]?{VARIABLE_COL}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||
[!&]?{VARIABLE_SESSION}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||
[!&]?{VARIABLE_SESSION}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||
[!&]?{VARIABLE_IP}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||
[!&]?{VARIABLE_IP}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||
[!&]?{VARIABLE_USER}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||
[!&]?{VARIABLE_USER}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||
[!&]?{VARIABLE_STATUS} { return p::make_VARIABLE_STATUS(yytext, *driver.loc.back()); }
|
||||
[!&]?{VARIABLE_TX}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
|
||||
[!&]?{VARIABLE_TX}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
|
||||
[!&]?{VARIABLE_WEBSERVER_ERROR_LOG} { driver.error (*driver.loc.back(), "Variable VARIABLE_WEBSERVER_ERROR_LOG is not supported by libModSecurity", ""); throw p::syntax_error(*driver.loc.back(), "");}
|
||||
[!&]?{VARIABLE}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
[!&]?{VARIABLE}(\:{DICT_ELEMENT})? { return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
["][!&]?{RUN_TIME_VAR_BLD}["] { return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
|
||||
["][!&]?{RUN_TIME_VAR_DUR}["] { return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
|
||||
["][!&]?{RUN_TIME_VAR_ENV}(\:\'{FREE_TEXT_QUOTE}[\'])?["] { return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
|
||||
@@ -526,14 +647,75 @@ NEW_LINE [\n\r]+
|
||||
["][!&]?{RUN_TIME_VAR_RULE}(\:{DICT_ELEMENT})? { return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
|
||||
["][!&]?{RUN_TIME_VAR_XML}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
|
||||
["][!&]?{RUN_TIME_VAR_XML}(\:{DICT_ELEMENT})? { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
|
||||
["][!&]?{VARIABLENOCOLON}["] { return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
["][!&]?{VARIABLE_COL}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||
["][!&]?{VARIABLE_COL}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||
["][!&]?{VARIABLE_SESSION}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||
["][!&]?{VARIABLE_SESSION}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||
["][!&]?{VARIABLE_IP}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||
["][!&]?{VARIABLE_IP}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||
["][!&]?{VARIABLE_USER}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||
["][!&]?{VARIABLE_USER}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||
["][!&]?{VARIABLE_TX}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
|
||||
["][!&]?{VARIABLE_TX}(\:{DICT_ELEMENT})?["] { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
|
||||
["][!&]?{VARIABLE}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
["][!&]?{VARIABLE}(\:{DICT_ELEMENT})?["] { return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||
[&]?{RUN_TIME_VAR_TIME_WDAY} { return p::make_RUN_TIME_VAR_TIME_WDAY(yytext, *driver.loc.back()); }
|
||||
|
||||
{VARIABLE_ARGS_COMBINED_SIZE} { return p::make_VARIABLE_ARGS_COMBINED_SIZE(*driver.loc.back()); }
|
||||
{VARIABLE_ARGS_GET_NAMES} { return p::make_VARIABLE_ARGS_GET_NAMES(*driver.loc.back()); }
|
||||
{VARIABLE_ARGS_NAMES} { return p::make_VARIABLE_ARGS_NAMES(*driver.loc.back()); }
|
||||
{VARIABLE_ARGS_POST_NAMES} { return p::make_VARIABLE_ARGS_POST_NAMES(*driver.loc.back()); }
|
||||
{VARIABLE_AUTH_TYPE} { return p::make_VARIABLE_AUTH_TYPE(*driver.loc.back()); }
|
||||
{VARIABLE_FILES_COMBINED_SIZE} { return p::make_VARIABLE_FILES_COMBINED_SIZE(*driver.loc.back()); }
|
||||
{VARIABLE_FILES_TMP_NAMES} { return p::make_VARIABLE_FILES_TMP_NAMES(*driver.loc.back()); }
|
||||
{VARIABLE_FULL_REQUEST_LENGTH} { return p::make_VARIABLE_FULL_REQUEST_LENGTH(*driver.loc.back()); }
|
||||
{VARIABLE_FULL_REQUEST} { return p::make_VARIABLE_FULL_REQUEST(*driver.loc.back()); }
|
||||
{VARIABLE_INBOUND_DATA_ERROR} { return p::make_VARIABLE_INBOUND_DATA_ERROR(*driver.loc.back()); }
|
||||
{VARIABLE_MATCHED_VAR_NAME} { return p::make_VARIABLE_MATCHED_VAR_NAME(*driver.loc.back()); }
|
||||
{VARIABLE_MATCHED_VAR} { return p::make_VARIABLE_MATCHED_VAR(*driver.loc.back()); }
|
||||
{VARIABLE_MULTIPART_CRLF_LF_LINES} { return p::make_VARIABLE_MULTIPART_CRLF_LF_LINES(*driver.loc.back()); }
|
||||
{VARIABLE_MULTIPART_DATA_AFTER} { return p::make_VARIABLE_MULTIPART_DATA_AFTER(*driver.loc.back()); }
|
||||
{VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED} { return p::make_VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED(*driver.loc.back()); }
|
||||
{VARIABLE_MULTIPART_HEADER_FOLDING} { return p::make_VARIABLE_MULTIPART_HEADER_FOLDING(*driver.loc.back()); }
|
||||
{VARIABLE_MULTIPART_INVALID_HEADER_FOLDING} { return p::make_VARIABLE_MULTIPART_INVALID_HEADER_FOLDING(*driver.loc.back()); }
|
||||
{VARIABLE_MULTIPART_INVALID_QUOTING} { return p::make_VARIABLE_MULTIPART_INVALID_QUOTING(*driver.loc.back()); }
|
||||
{VARIABLE_MULTIPART_STRICT_ERROR} { return p::make_VARIABLE_MULTIPART_STRICT_ERROR(*driver.loc.back()); }
|
||||
{VARIABLE_MULTIPART_UNMATCHED_BOUNDARY} { return p::make_VARIABLE_MULTIPART_UNMATCHED_BOUNDARY(*driver.loc.back()); }
|
||||
{VARIABLE_OUTBOUND_DATA_ERROR} { return p::make_VARIABLE_OUTBOUND_DATA_ERROR(*driver.loc.back()); }
|
||||
{VARIABLE_PATH_INFO} { return p::make_VARIABLE_PATH_INFO(*driver.loc.back()); }
|
||||
{VARIABLE_QUERY_STRING} { return p::make_VARIABLE_QUERY_STRING(*driver.loc.back()); }
|
||||
{VARIABLE_REMOTE_ADDR} { return p::make_VARIABLE_REMOTE_ADDR(*driver.loc.back()); }
|
||||
{VARIABLE_REMOTE_HOST} { return p::make_VARIABLE_REMOTE_HOST(*driver.loc.back()); }
|
||||
{VARIABLE_REMOTE_PORT} { return p::make_VARIABLE_REMOTE_PORT(*driver.loc.back()); }
|
||||
{VARIABLE_REQBODY_ERROR_MSG} { return p::make_VARIABLE_REQBODY_ERROR_MSG(*driver.loc.back()); }
|
||||
{VARIABLE_REQBODY_ERROR} { return p::make_VARIABLE_REQBODY_ERROR(*driver.loc.back()); }
|
||||
{VARIABLE_REQBODY_PROCESSOR_ERROR_MSG} { return p::make_VARIABLE_REQBODY_PROCESSOR_ERROR_MSG(*driver.loc.back()); }
|
||||
{VARIABLE_REQBODY_PROCESSOR_ERROR} { return p::make_VARIABLE_REQBODY_PROCESSOR_ERROR(*driver.loc.back()); }
|
||||
{VARIABLE_REQBODY_PROCESSOR} { return p::make_VARIABLE_REQBODY_PROCESSOR(*driver.loc.back()); }
|
||||
{VARIABLE_REQUEST_BASENAME} { return p::make_VARIABLE_REQUEST_BASENAME(*driver.loc.back()); }
|
||||
{VARIABLE_REQUEST_BODY_LENGTH} { return p::make_VARIABLE_REQUEST_BODY_LENGTH(*driver.loc.back()); }
|
||||
{VARIABLE_REQUEST_BODY} { return p::make_VARIABLE_REQUEST_BODY(*driver.loc.back()); }
|
||||
{VARIABLE_REQUEST_FILE_NAME} { return p::make_VARIABLE_REQUEST_FILE_NAME(*driver.loc.back()); }
|
||||
{VARIABLE_REQUEST_HEADERS_NAMES} { return p::make_VARIABLE_REQUEST_HEADERS_NAMES(*driver.loc.back()); }
|
||||
{VARIABLE_REQUEST_LINE} { return p::make_VARIABLE_REQUEST_LINE(*driver.loc.back()); }
|
||||
{VARIABLE_REQUEST_METHOD} { return p::make_VARIABLE_REQUEST_METHOD(*driver.loc.back()); }
|
||||
{VARIABLE_REQUEST_PROTOCOL} { return p::make_VARIABLE_REQUEST_PROTOCOL(*driver.loc.back()); }
|
||||
{VARIABLE_REQUEST_URI_RAW} { return p::make_VARIABLE_REQUEST_URI_RAW(*driver.loc.back()); }
|
||||
{VARIABLE_REQUEST_URI} { return p::make_VARIABLE_REQUEST_URI(*driver.loc.back()); }
|
||||
{VARIABLE_RESOURCE} { return p::make_VARIABLE_RESOURCE(*driver.loc.back()); }
|
||||
{VARIABLE_RESPONSE_BODY} { return p::make_VARIABLE_RESPONSE_BODY(*driver.loc.back()); }
|
||||
{VARIABLE_RESPONSE_CONTENT_LENGTH} { return p::make_VARIABLE_RESPONSE_CONTENT_LENGTH(*driver.loc.back()); }
|
||||
{VARIABLE_RESPONSE_CONTENT_TYPE} { return p::make_VARIABLE_RESPONSE_CONTENT_TYPE(*driver.loc.back()); }
|
||||
{VARIABLE_RESPONSE_HEADERS_NAMES} { return p::make_VARIABLE_RESPONSE_HEADERS_NAMES(*driver.loc.back()); }
|
||||
{VARIABLE_RESPONSE_PROTOCOL} { return p::make_VARIABLE_RESPONSE_PROTOCOL(*driver.loc.back()); }
|
||||
{VARIABLE_RESPONSE_STATUS} { return p::make_VARIABLE_RESPONSE_STATUS(*driver.loc.back()); }
|
||||
{VARIABLE_SERVER_ADDR} { return p::make_VARIABLE_SERVER_ADDR(*driver.loc.back()); }
|
||||
{VARIABLE_SERVER_NAME} { return p::make_VARIABLE_SERVER_NAME(*driver.loc.back()); }
|
||||
{VARIABLE_SERVER_PORT} { return p::make_VARIABLE_SERVER_PORT(*driver.loc.back()); }
|
||||
{VARIABLE_SESSION_ID} { return p::make_VARIABLE_SESSION_ID(*driver.loc.back()); }
|
||||
{VARIABLE_UNIQUE_ID} { return p::make_VARIABLE_UNIQUE_ID(*driver.loc.back()); }
|
||||
{VARIABLE_URL_ENCODED_ERROR} { return p::make_VARIABLE_URL_ENCODED_ERROR(*driver.loc.back()); }
|
||||
{VARIABLE_USER_ID} { return p::make_VARIABLE_USER_ID(*driver.loc.back()); }
|
||||
|
||||
|
||||
}
|
||||
|
||||
<EXPECTING_VARIABLE,TRANSACTION_FROM_VARIABLE_TO_OPERATOR>{
|
||||
|
||||
@@ -859,8 +859,9 @@ int Multipart::process_boundary(int last_part) {
|
||||
* is clear that there is no more data to be processed.
|
||||
*/
|
||||
int Multipart::multipart_complete(std::string *error) {
|
||||
m_transaction->m_collections.store("MULTIPART_UNMATCHED_BOUNDARY",
|
||||
std::to_string(m_flag_unmatched_boundary));
|
||||
m_transaction->m_variableMultipartUnmatchedBoundary.set(
|
||||
std::to_string(m_flag_unmatched_boundary),
|
||||
m_transaction->m_variableOffset);
|
||||
|
||||
m_transaction->m_collections.store("MULTIPART_DATA_BEFORE",
|
||||
std::to_string(m_flag_data_before));
|
||||
@@ -868,8 +869,9 @@ int Multipart::multipart_complete(std::string *error) {
|
||||
debug(4, "Multipart: Warning: seen data before first boundary.");
|
||||
}
|
||||
|
||||
m_transaction->m_collections.store("MULTIPART_DATA_AFTER",
|
||||
std::to_string(m_flag_data_after));
|
||||
m_transaction->m_variableMultipartDataAfter.set(
|
||||
std::to_string(m_flag_data_after),
|
||||
m_transaction->m_variableOffset);
|
||||
if (m_flag_data_after) {
|
||||
debug(4, "Multipart: Warning: seen data after last boundary.");
|
||||
}
|
||||
@@ -886,8 +888,9 @@ int Multipart::multipart_complete(std::string *error) {
|
||||
debug(4, "Multipart: Warning: boundary whitespace in C-T header.");
|
||||
}
|
||||
|
||||
m_transaction->m_collections.store("MULTIPART_HEADER_FOLDING",
|
||||
std::to_string(m_flag_header_folding));
|
||||
m_transaction->m_variableMultipartHeaderFolding.set(
|
||||
std::to_string(m_flag_header_folding),
|
||||
m_transaction->m_variableOffset);
|
||||
if (m_flag_header_folding) {
|
||||
debug(4, "Multipart: Warning: header folding used.");
|
||||
}
|
||||
@@ -896,8 +899,9 @@ int Multipart::multipart_complete(std::string *error) {
|
||||
std::to_string(m_flag_crlf_line));
|
||||
m_transaction->m_collections.store("MULTIPART_LF_LINE",
|
||||
std::to_string(m_flag_lf_line));
|
||||
m_transaction->m_collections.store("MULTIPART_CRLF_LF_LINES",
|
||||
std::to_string(m_flag_crlf_line && m_flag_lf_line));
|
||||
m_transaction->m_variableMultipartCrlfLFLines.set(
|
||||
std::to_string(m_flag_crlf_line && m_flag_lf_line),
|
||||
m_transaction->m_variableOffset);
|
||||
if (m_flag_crlf_line && m_flag_lf_line) {
|
||||
debug(4, "Multipart: Warning: mixed line endings used (CRLF/LF).");
|
||||
} else if (m_flag_lf_line) {
|
||||
@@ -910,8 +914,9 @@ int Multipart::multipart_complete(std::string *error) {
|
||||
debug(4, "Multipart: Warning: missing semicolon in C-T header.");
|
||||
}
|
||||
|
||||
m_transaction->m_collections.store("MULTIPART_INVALID_QUOTING",
|
||||
std::to_string(m_flag_invalid_quoting));
|
||||
m_transaction->m_variableMultipartInvalidQuoting.set(
|
||||
std::to_string(m_flag_invalid_quoting),
|
||||
m_transaction->m_variableOffset);
|
||||
if (m_flag_invalid_quoting) {
|
||||
debug(4, "Multipart: Warning: invalid quoting used.");
|
||||
}
|
||||
@@ -922,20 +927,21 @@ int Multipart::multipart_complete(std::string *error) {
|
||||
debug(4, "Multipart: Warning: invalid part parsing.");
|
||||
}
|
||||
|
||||
m_transaction->m_collections.store("MULTIPART_INVALID_HEADER_FOLDING",
|
||||
std::to_string(m_flag_invalid_header_folding));
|
||||
m_transaction->m_variableMultipartInvalidHeaderFolding.set(
|
||||
std::to_string(m_flag_invalid_header_folding),
|
||||
m_transaction->m_variableOffset);
|
||||
if (m_flag_invalid_header_folding) {
|
||||
debug(4, "Multipart: Warning: invalid header folding used.");
|
||||
}
|
||||
|
||||
m_transaction->m_collections.store("MULTIPART_STRICT_ERROR",
|
||||
m_transaction->m_variableMultipartStrictError.set(
|
||||
std::to_string(m_flag_error || m_flag_boundary_quoted != 0
|
||||
|| m_flag_boundary_whitespace != 0 || m_flag_data_before != 0
|
||||
|| m_flag_data_after != 0 || m_flag_header_folding != 0
|
||||
|| m_flag_lf_line != 0 || m_flag_missing_semicolon != 0
|
||||
|| m_flag_invalid_quoting != 0 || m_flag_invalid_part != 0
|
||||
|| m_flag_invalid_header_folding != 0
|
||||
|| m_flag_file_limit_exceeded != 0));
|
||||
|| m_flag_file_limit_exceeded != 0), m_transaction->m_variableOffset);
|
||||
|
||||
|
||||
if ((m_seen_data != 0) && (m_is_complete == 0)) {
|
||||
@@ -1031,8 +1037,9 @@ int Multipart::multipart_complete(std::string *error) {
|
||||
std::to_string(m_transaction->->m_ARGScombinedSize));
|
||||
#endif
|
||||
}
|
||||
m_transaction->m_collections.store("FILES_COMBINED_SIZE",
|
||||
std::to_string(file_combined_size));
|
||||
m_transaction->m_variableFilesCombinedSize.set(
|
||||
std::to_string(file_combined_size),
|
||||
m_transaction->m_variableOffset);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -173,8 +173,8 @@ bool Rule::evaluateActions(Transaction *trasn) {
|
||||
void Rule::updateMatchedVars(Transaction *trasn, std::string key,
|
||||
std::string value) {
|
||||
trasn->debug(4, "Matched vars updated.");
|
||||
trasn->m_collections.storeOrUpdateFirst("MATCHED_VAR", value);
|
||||
trasn->m_collections.storeOrUpdateFirst("MATCHED_VAR_NAME", key);
|
||||
trasn->m_variableMatchedVar.set(value, trasn->m_variableOffset);
|
||||
trasn->m_variableMatchedVarName.set(key, trasn->m_variableOffset);
|
||||
trasn->m_collections.store("MATCHED_VARS:" + key, value);
|
||||
trasn->m_collections.store("MATCHED_VARS_NAMES:" + key, key);
|
||||
}
|
||||
@@ -183,6 +183,7 @@ void Rule::updateMatchedVars(Transaction *trasn, std::string key,
|
||||
void Rule::cleanMatchedVars(Transaction *trasn) {
|
||||
trasn->debug(4, "Matched vars cleaned.");
|
||||
trasn->m_collections.storeOrUpdateFirst("MATCHED_VAR", "");
|
||||
trasn->m_variableMatchedVar.set("", trasn->m_variableOffset);
|
||||
trasn->m_collections.del("MATCHED_VARS_NAME");
|
||||
trasn->m_collections.del("MATCHED_VARS");
|
||||
trasn->m_collections.del("MATCHED_VARS_NAMES");
|
||||
|
||||
@@ -109,15 +109,9 @@ Transaction::Transaction(ModSecurity *ms, Rules *rules, void *logCbData)
|
||||
m_timeStamp(std::time(NULL)),
|
||||
m_httpCodeReturned(200),
|
||||
m_highestSeverityAction(255),
|
||||
m_ARGScombinedSize(0),
|
||||
m_ARGScombinedSizeStr(NULL),
|
||||
m_namesArgsPost(NULL),
|
||||
m_namesArgsGet(NULL),
|
||||
m_ARGScombinedSizeDouble(0),
|
||||
m_requestBodyType(UnknownFormat),
|
||||
m_requestBodyProcessor(UnknownFormat),
|
||||
m_requestHeadersNames(NULL),
|
||||
m_responseHeadersNames(NULL),
|
||||
m_responseContentType(NULL),
|
||||
m_requestBodyAccess(Rules::PropertyNotSetConfigBoolean),
|
||||
m_marker(""),
|
||||
m_allowType(modsecurity::actions::disruptive::NoneAllowType),
|
||||
@@ -135,23 +129,7 @@ Transaction::Transaction(ModSecurity *ms, Rules *rules, void *logCbData)
|
||||
std::to_string(modsecurity::utils::generate_transaction_unique_id());
|
||||
m_rules->incrementReferenceCount();
|
||||
|
||||
m_collections.store("ARGS_COMBINED_SIZE", std::string("0"));
|
||||
m_ARGScombinedSizeStr = m_collections.resolveFirst("ARGS_COMBINED_SIZE");
|
||||
m_collections.store("ARGS_POST_NAMES", std::string(""));
|
||||
this->m_namesArgsPost = m_collections.resolveFirst("ARGS_POST_NAMES");
|
||||
m_collections.store("ARGS_GET_NAMES", std::string(""));
|
||||
this->m_namesArgsGet = m_collections.resolveFirst("ARGS_GET_NAMES");
|
||||
m_collections.store("REQUEST_HEADERS_NAMES", std::string(""));
|
||||
this->m_requestHeadersNames = m_collections.resolveFirst(
|
||||
"REQUEST_HEADERS_NAMES");
|
||||
m_collections.store("RESPONSE_HEADERS_NAMES", std::string(""));
|
||||
this->m_responseHeadersNames = m_collections.resolveFirst(
|
||||
"RESPONSE_HEADERS_NAMES");
|
||||
m_collections.store("RESPONSE_CONTENT_TYPE", std::string(""));
|
||||
this->m_responseContentType = m_collections.resolveFirst(
|
||||
"RESPONSE_CONTENT_TYPE");
|
||||
|
||||
m_collections.storeOrUpdateFirst("URLENCODED_ERROR", "0");
|
||||
m_variableUrlEncodedError.set("0", 0);
|
||||
|
||||
#ifndef NO_LOGS
|
||||
this->debug(4, "Initializing transaction");
|
||||
@@ -233,14 +211,13 @@ int Transaction::processConnection(const char *client, int cPort,
|
||||
debug(4, "Starting phase CONNECTION. (SecRules 0)");
|
||||
#endif
|
||||
|
||||
this->m_collections.store("REMOTE_HOST", m_clientIpAddress);
|
||||
this->m_collections.store("UNIQUE_ID", m_id);
|
||||
this->m_collections.store("REMOTE_ADDR", m_clientIpAddress);
|
||||
this->m_collections.store("SERVER_ADDR", m_serverIpAddress);
|
||||
this->m_collections.store("SERVER_PORT",
|
||||
std::to_string(this->m_serverPort));
|
||||
this->m_collections.store("REMOTE_PORT",
|
||||
std::to_string(this->m_clientPort));
|
||||
m_variableRemoteHost.set(m_clientIpAddress, m_variableOffset);
|
||||
m_variableUniqueID.set(m_id, m_variableOffset);
|
||||
m_variableRemoteAddr.set(m_clientIpAddress, m_variableOffset);
|
||||
m_variableServerAddr.set(m_serverIpAddress, m_variableOffset);
|
||||
m_variableServerPort.set(std::to_string(this->m_serverPort), m_variableOffset);
|
||||
m_variableRemotePort.set(std::to_string(this->m_clientPort), m_variableOffset);
|
||||
|
||||
this->m_rules->evaluate(modsecurity::ConnectionPhase, this);
|
||||
return true;
|
||||
}
|
||||
@@ -289,7 +266,7 @@ bool Transaction::extractArguments(const std::string &orig,
|
||||
&invalid, &changed);
|
||||
|
||||
if (invalid) {
|
||||
m_collections.storeOrUpdateFirst("URLENCODED_ERROR", "1");
|
||||
m_variableUrlEncodedError.set("1", m_variableOffset);
|
||||
}
|
||||
|
||||
addArgument(orig, std::string(reinterpret_cast<char *>(key_c), key_s-1),
|
||||
@@ -309,30 +286,20 @@ bool Transaction::addArgument(const std::string& orig, const std::string& key,
|
||||
key + "\", value \"" + value + "\"");
|
||||
|
||||
m_collections.store("ARGS:" + key, value);
|
||||
|
||||
if (orig == "GET") {
|
||||
m_collections.store("ARGS_GET:" + key, value);
|
||||
if (m_namesArgsGet->empty()) {
|
||||
m_namesArgsGet->assign(key);
|
||||
} else {
|
||||
m_namesArgsGet->assign(*m_namesArgsGet + " " + key);
|
||||
}
|
||||
}
|
||||
if (orig == "POST") {
|
||||
m_variableArgGetNames.append(key, 0, true);
|
||||
} else if (orig == "POST") {
|
||||
m_collections.store("ARGS_POST:" + key, value);
|
||||
if (m_namesArgsPost->empty()) {
|
||||
m_namesArgsPost->assign(key);
|
||||
} else {
|
||||
m_namesArgsPost->assign(*m_namesArgsPost + " " + key);
|
||||
}
|
||||
m_variableArgPostNames.append(key, 0, true);
|
||||
}
|
||||
|
||||
m_variableArgsNames.append(key, 0, true);
|
||||
|
||||
|
||||
this->m_ARGScombinedSize = this->m_ARGScombinedSize + \
|
||||
m_ARGScombinedSizeDouble = m_ARGScombinedSizeDouble + \
|
||||
key.length() + value.length();
|
||||
this->m_ARGScombinedSizeStr->assign(
|
||||
std::to_string(this->m_ARGScombinedSize));
|
||||
|
||||
m_variableARGScombinedSize.set(std::to_string(m_ARGScombinedSizeDouble), 0);
|
||||
|
||||
return true;
|
||||
}
|
||||
@@ -377,8 +344,8 @@ int Transaction::processURI(const char *uri, const char *method,
|
||||
size_t pos = m_uri_decoded.find("?");
|
||||
size_t pos_raw = uri_s.find("?");
|
||||
|
||||
m_collections.store("REQUEST_LINE", std::string(method) + " " +
|
||||
std::string(uri) + " HTTP/" + std::string(http_version));
|
||||
m_variableRequestLine.set(std::string(method) + " " + std::string(uri)
|
||||
+ " HTTP/" + std::string(http_version), m_variableOffset);
|
||||
|
||||
if (pos != std::string::npos) {
|
||||
m_uri_no_query_string_decoded = std::string(m_uri_decoded, 0, pos);
|
||||
@@ -387,8 +354,9 @@ int Transaction::processURI(const char *uri, const char *method,
|
||||
}
|
||||
|
||||
if (pos_raw != std::string::npos) {
|
||||
m_collections.store("QUERY_STRING", std::string(uri_s, pos_raw + 1,
|
||||
uri_s.length() - (pos_raw + 1)));
|
||||
std::string qry = std::string(uri_s, pos_raw + 1,
|
||||
uri_s.length() - (pos_raw + 1));
|
||||
m_variableQueryString.set(qry, m_variableOffset);
|
||||
}
|
||||
|
||||
std::string path_info;
|
||||
@@ -397,18 +365,18 @@ int Transaction::processURI(const char *uri, const char *method,
|
||||
} else {
|
||||
path_info = std::string(m_uri_decoded, 0, pos);
|
||||
}
|
||||
m_collections.store("PATH_INFO", path_info);
|
||||
m_collections.store("REQUEST_FILENAME", path_info);
|
||||
m_variablePathInfo.set(path_info, m_variableOffset);
|
||||
m_variableRequestFilename.set(path_info, m_variableOffset);
|
||||
|
||||
size_t offset = path_info.find_last_of("/\\");
|
||||
if (offset != std::string::npos && path_info.length() > offset + 1) {
|
||||
std::string basename = std::string(path_info, offset + 1,
|
||||
path_info.length() - (offset + 1));
|
||||
m_collections.store("REQUEST_BASENAME", basename);
|
||||
m_variableRequestBasename.set(basename, m_variableOffset);
|
||||
}
|
||||
m_collections.store("REQUEST_METHOD", method);
|
||||
m_collections.store("REQUEST_PROTOCOL",
|
||||
"HTTP/" + std::string(http_version));
|
||||
m_variableRequestMethod.set(method, m_variableOffset);
|
||||
m_variableRequestProtocol.set("HTTP/" + std::string(http_version),
|
||||
m_variableOffset);
|
||||
|
||||
std::string parsedURI = m_uri_decoded;
|
||||
// The more popular case is without domain
|
||||
@@ -434,8 +402,8 @@ int Transaction::processURI(const char *uri, const char *method,
|
||||
}
|
||||
}
|
||||
|
||||
m_collections.store("REQUEST_URI", parsedURI);
|
||||
m_collections.store("REQUEST_URI_RAW", uri);
|
||||
m_variableRequestURI.set(parsedURI, m_variableOffset);
|
||||
m_variableRequestURIRaw.set(uri, m_variableOffset);
|
||||
|
||||
if (pos != std::string::npos && (m_uri_decoded.length() - pos) > 2) {
|
||||
extractArguments("GET", std::string(uri_s, pos_raw + 1,
|
||||
@@ -496,14 +464,14 @@ int Transaction::processRequestHeaders() {
|
||||
*/
|
||||
int Transaction::addRequestHeader(const std::string& key,
|
||||
const std::string& value) {
|
||||
m_requestHeadersNames->assign(*m_requestHeadersNames + " " + key);
|
||||
m_variableRequestHeadersNames.append(key, 0, true);
|
||||
|
||||
this->m_collections.store("REQUEST_HEADERS:" + key, value);
|
||||
|
||||
std::string keyl = utils::string::tolower(key);
|
||||
if (keyl == "authorization") {
|
||||
std::vector<std::string> type = utils::string::split(value, ' ');
|
||||
this->m_collections.store("AUTH_TYPE", type[0]);
|
||||
m_variableAuthType.set(type[0], m_variableOffset);
|
||||
}
|
||||
|
||||
if (keyl == "cookie") {
|
||||
@@ -535,18 +503,18 @@ int Transaction::addRequestHeader(const std::string& key,
|
||||
std::string l = utils::string::tolower(value);
|
||||
if (l.compare(0, multipart.length(), multipart) == 0) {
|
||||
this->m_requestBodyType = MultiPartRequestBody;
|
||||
m_collections.store("REQBODY_PROCESSOR", "MULTIPART");
|
||||
m_variableReqbodyProcessor.set("MULTIPART", m_variableOffset);
|
||||
}
|
||||
|
||||
if (l == "application/x-www-form-urlencoded") {
|
||||
this->m_requestBodyType = WWWFormUrlEncoded;
|
||||
m_collections.store("REQBODY_PROCESSOR", "URLENCODED");
|
||||
m_variableReqbodyProcessor.set("URLENCODED", m_variableOffset);
|
||||
}
|
||||
}
|
||||
|
||||
if (keyl == "host") {
|
||||
std::vector<std::string> host = utils::string::split(value, ':');
|
||||
m_collections.store("SERVER_NAME", host[0]);
|
||||
m_variableServerName.set(host[0], m_variableOffset);
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
@@ -637,8 +605,8 @@ int Transaction::processRequestBody() {
|
||||
return true;
|
||||
}
|
||||
|
||||
if (m_collections.resolveFirst("INBOUND_DATA_ERROR") == NULL) {
|
||||
m_collections.store("INBOUND_DATA_ERROR", "0");
|
||||
if (m_variableInboundDataError.m_value.empty() == true) {
|
||||
m_variableInboundDataError.set("0", m_variableOffset);
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -658,15 +626,15 @@ int Transaction::processRequestBody() {
|
||||
m_xml->complete(&error);
|
||||
}
|
||||
if (error.empty() == false) {
|
||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR", "1");
|
||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "1");
|
||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR_MSG",
|
||||
"XML parsing error: " + error);
|
||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR_MSG",
|
||||
"XML parsing error: " + error);
|
||||
m_variableReqbodyError.set("1", m_variableOffset);
|
||||
m_variableReqbodyErrorMsg.set("XML parsing error: " + error,
|
||||
m_variableOffset);
|
||||
m_variableReqbodyProcessorErrorMsg.set("XML parsing error: " \
|
||||
+ error, m_variableOffset);
|
||||
m_variableReqbodyProcessorError.set("1", m_variableOffset);
|
||||
} else {
|
||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR", "0");
|
||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "0");
|
||||
m_variableReqbodyError.set("1", m_variableOffset);
|
||||
m_variableReqbodyProcessorError.set("0", m_variableOffset);
|
||||
}
|
||||
} else if (m_requestBodyProcessor == JSONRequestBody) {
|
||||
std::string error;
|
||||
@@ -677,15 +645,15 @@ int Transaction::processRequestBody() {
|
||||
m_json->complete(&error);
|
||||
}
|
||||
if (error.empty() == false) {
|
||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR", "1");
|
||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "1");
|
||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR_MSG",
|
||||
"XML parsing error: " + error);
|
||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR_MSG",
|
||||
"XML parsing error: " + error);
|
||||
m_variableReqbodyError.set("1", m_variableOffset);
|
||||
m_variableReqbodyProcessorError.set("1", m_variableOffset);
|
||||
m_variableReqbodyErrorMsg.set("XML parsing error: " + error,
|
||||
m_variableOffset);
|
||||
m_variableReqbodyProcessorErrorMsg.set("XML parsing error: " \
|
||||
+ error, m_variableOffset);
|
||||
} else {
|
||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR", "0");
|
||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "0");
|
||||
m_variableReqbodyError.set("0", m_variableOffset);
|
||||
m_variableReqbodyProcessorError.set("0", m_variableOffset);
|
||||
}
|
||||
} else if (m_requestBodyType == MultiPartRequestBody) {
|
||||
std::string error;
|
||||
@@ -700,15 +668,15 @@ int Transaction::processRequestBody() {
|
||||
m.multipart_complete(&error);
|
||||
}
|
||||
if (error.empty() == false) {
|
||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR", "1");
|
||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "1");
|
||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR_MSG",
|
||||
"Multipart parsing error: " + error);
|
||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR_MSG",
|
||||
"Multipart parsing error: " + error);
|
||||
m_variableReqbodyError.set("1", m_variableOffset);
|
||||
m_variableReqbodyProcessorError.set("1", m_variableOffset);
|
||||
m_variableReqbodyErrorMsg.set("Multipart parsing error: " + error,
|
||||
m_variableOffset);
|
||||
m_variableReqbodyProcessorErrorMsg.set("Multipart parsing " \
|
||||
"error: " + error, m_variableOffset);
|
||||
} else {
|
||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR", "0");
|
||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "0");
|
||||
m_variableReqbodyError.set("0", m_variableOffset);
|
||||
m_variableReqbodyProcessorError.set("0", m_variableOffset);
|
||||
}
|
||||
} else if (m_requestBodyType == WWWFormUrlEncoded) {
|
||||
extractArguments("POST", m_requestBody.str());
|
||||
@@ -720,15 +688,15 @@ int Transaction::processRequestBody() {
|
||||
if (a != NULL && a->empty() == false) {
|
||||
error.assign(*a);
|
||||
}
|
||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR", "1");
|
||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "1");
|
||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR_MSG",
|
||||
"Unknown request body processor: " + error);
|
||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR_MSG",
|
||||
"Unknown request body processor: " + error);
|
||||
m_variableReqbodyError.set("1", m_variableOffset);
|
||||
m_variableReqbodyProcessorError.set("1", m_variableOffset);
|
||||
m_variableReqbodyErrorMsg.set("Unknown request body processor: " \
|
||||
+ error, m_variableOffset);
|
||||
m_variableReqbodyProcessorErrorMsg.set("Unknown request body " \
|
||||
"processor: " + error, m_variableOffset);
|
||||
} else {
|
||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR", "0");
|
||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "0");
|
||||
m_variableReqbodyError.set("0", m_variableOffset);
|
||||
m_variableReqbodyProcessorError.set("0", m_variableOffset);
|
||||
}
|
||||
|
||||
#if 1
|
||||
@@ -774,14 +742,15 @@ int Transaction::processRequestBody() {
|
||||
|
||||
fullRequest = fullRequest + "\n\n";
|
||||
fullRequest = fullRequest + m_requestBody.str();
|
||||
m_collections.store("FULL_REQUEST", fullRequest);
|
||||
m_collections.store("FULL_REQUEST_LENGTH",
|
||||
std::to_string(fullRequest.size()));
|
||||
m_variableFullRequest.set(fullRequest, m_variableOffset);
|
||||
m_variableFullRequestLength.set(std::to_string(fullRequest.size()),
|
||||
m_variableOffset);
|
||||
|
||||
if (m_requestBody.tellp() > 0) {
|
||||
m_collections.store("REQUEST_BODY", m_requestBody.str());
|
||||
m_collections.store("REQUEST_BODY_LENGTH",
|
||||
std::to_string(m_requestBody.str().size()));
|
||||
m_variableRequestBody.set(m_requestBody.str(), m_variableOffset);
|
||||
m_variableRequestBodyLength.set(std::to_string(
|
||||
m_requestBody.str().size()),
|
||||
m_variableOffset);
|
||||
}
|
||||
|
||||
this->m_rules->evaluate(modsecurity::RequestBodyPhase, this);
|
||||
@@ -853,7 +822,7 @@ int Transaction::appendRequestBody(const unsigned char *buf, size_t len) {
|
||||
|
||||
if (this->m_rules->m_requestBodyLimit.m_value > 0
|
||||
&& this->m_rules->m_requestBodyLimit.m_value < len + current_size) {
|
||||
m_collections.store("INBOUND_DATA_ERROR", "1");
|
||||
m_variableInboundDataError.set("1", m_variableOffset);
|
||||
#ifndef NO_LOGS
|
||||
debug(5, "Request body is bigger than the maximum expected.");
|
||||
#endif
|
||||
@@ -913,8 +882,8 @@ int Transaction::processResponseHeaders(int code, const std::string& proto) {
|
||||
#endif
|
||||
|
||||
this->m_httpCodeReturned = code;
|
||||
this->m_collections.store("RESPONSE_STATUS", std::to_string(code));
|
||||
m_collections.store("RESPONSE_PROTOCOL", proto);
|
||||
m_variableResponseStatus.set(std::to_string(code), m_variableOffset);
|
||||
m_variableResponseProtocol.set(proto, m_variableOffset);
|
||||
|
||||
if (m_rules->m_secRuleEngine == Rules::DisabledRuleEngine) {
|
||||
#ifndef NO_LOGS
|
||||
@@ -948,7 +917,7 @@ int Transaction::processResponseHeaders(int code, const std::string& proto) {
|
||||
*/
|
||||
int Transaction::addResponseHeader(const std::string& key,
|
||||
const std::string& value) {
|
||||
m_responseHeadersNames->assign(*m_responseHeadersNames + " " + key);
|
||||
m_variableResponseHeadersNames.append(key, 0, true);
|
||||
|
||||
this->m_collections.store("RESPONSE_HEADERS:" + key, value);
|
||||
|
||||
@@ -957,7 +926,7 @@ int Transaction::addResponseHeader(const std::string& key,
|
||||
// Content-Type: text/html; charset=UTF-8
|
||||
std::vector<std::string> val = utils::string::split(value, ';');
|
||||
if (val.size() > 0) {
|
||||
this->m_responseContentType->assign(val[0]);
|
||||
m_variableResponseContentType.set(val[0], 0);
|
||||
}
|
||||
}
|
||||
return 1;
|
||||
@@ -1050,10 +1019,10 @@ int Transaction::processResponseBody() {
|
||||
}
|
||||
|
||||
std::set<std::string> &bi = this->m_rules->m_responseBodyTypeToBeInspected;
|
||||
auto t = bi.find(*m_responseContentType);
|
||||
auto t = bi.find(m_variableResponseContentType.m_value);
|
||||
if (t == bi.end() && bi.empty() == false) {
|
||||
#ifndef NO_LOGS
|
||||
debug(5, "Response Content-Type is " + *m_responseContentType + \
|
||||
debug(5, "Response Content-Type is " + m_variableResponseContentType.m_value + \
|
||||
". It is not marked to be inspected.");
|
||||
std::string validContetTypes("");
|
||||
for (std::set<std::string>::iterator i = bi.begin();
|
||||
@@ -1064,13 +1033,12 @@ int Transaction::processResponseBody() {
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
if (m_collections.resolveFirst("OUTBOUND_DATA_ERROR") == NULL) {
|
||||
m_collections.store("OUTBOUND_DATA_ERROR", "0");
|
||||
if (m_variableOutboundDataError.m_value.empty() == true) {
|
||||
m_variableOutboundDataError.set("0", m_variableOffset);
|
||||
}
|
||||
|
||||
m_collections.store("RESPONSE_BODY", m_responseBody.str());
|
||||
m_collections.store("RESPONSE_CONTENT_LENGTH",
|
||||
std::to_string(m_responseBody.str().size()));
|
||||
m_variableResponseBody.set(m_responseBody.str(), m_variableOffset);
|
||||
m_variableResponseContentLength.set(std::to_string(m_responseBody.str().size()), m_variableOffset);
|
||||
|
||||
this->m_rules->evaluate(modsecurity::ResponseBodyPhase, this);
|
||||
return true;
|
||||
@@ -1099,11 +1067,11 @@ int Transaction::appendResponseBody(const unsigned char *buf, size_t len) {
|
||||
int current_size = this->m_responseBody.tellp();
|
||||
|
||||
std::set<std::string> &bi = this->m_rules->m_responseBodyTypeToBeInspected;
|
||||
auto t = bi.find(*m_responseContentType);
|
||||
auto t = bi.find(m_variableResponseContentType.m_value);
|
||||
if (t == bi.end() && bi.empty() == false) {
|
||||
#ifndef NO_LOGS
|
||||
debug(4, "Not appending response body. " \
|
||||
"Response Content-Type is " + *m_responseContentType + \
|
||||
"Response Content-Type is " + m_variableResponseContentType.m_value + \
|
||||
". It is not marked to be inspected.");
|
||||
#endif
|
||||
return true;
|
||||
@@ -1117,7 +1085,7 @@ int Transaction::appendResponseBody(const unsigned char *buf, size_t len) {
|
||||
|
||||
if (this->m_rules->m_responseBodyLimit.m_value > 0
|
||||
&& this->m_rules->m_responseBodyLimit.m_value < len + current_size) {
|
||||
m_collections.store("OUTBOUND_DATA_ERROR", "1");
|
||||
m_variableOutboundDataError.set("1", m_variableOffset);
|
||||
#ifndef NO_LOGS
|
||||
debug(5, "Response body is bigger than the maximum expected.");
|
||||
#endif
|
||||
|
||||
@@ -38,7 +38,7 @@ class XML : public Variable {
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
Rule *rule,
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l);
|
||||
std::string m_plain;
|
||||
};
|
||||
|
||||
|
||||
Reference in New Issue
Block a user