mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-08-14 05:45:59 +03:00
Contionuation of 1 time variable patch
Now we have almost 100% of the transaction variables hosted on the new schema. Variable modifcators (count and exclusion) are not yet supported on the new schema. Notice that setvar is now using the parser.
This commit is contained in:
Felipe Zimmerle
Felipe Zimmerle
parent
703da3c4f0
commit
e95555132e
@ -117,15 +117,133 @@ class AnchoredVariable {
|
|||||||
l->push_back(new collection::Variable(&m_name,
|
l->push_back(new collection::Variable(&m_name,
|
||||||
&m_value));
|
&m_value));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
std::string *evaluate() {
|
||||||
|
if (m_value.empty() == true) {
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
return &m_value;
|
||||||
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
class TransactionAnchoredVariables {
|
class TransactionAnchoredVariables {
|
||||||
public:
|
public:
|
||||||
TransactionAnchoredVariables(Transaction *t)
|
TransactionAnchoredVariables(Transaction *t)
|
||||||
: m_variableArgsNames(t, "ARG_NAMES") { }
|
: m_variableArgsNames(t, "ARGS_NAMES"),
|
||||||
|
m_variableArgGetNames(t, "ARGS_GET_NAMES"),
|
||||||
|
m_variableArgPostNames(t, "ARGS_POST_NAMES"),
|
||||||
|
m_variableRequestHeadersNames(t, "REQUEST_HEADERS_NAMES"),
|
||||||
|
m_variableResponseContentType(t, "RESPONSE_CONTENT_TYPE"),
|
||||||
|
m_variableResponseHeadersNames(t, "RESPONSE_HEADERS_NAMES"),
|
||||||
|
m_variableARGScombinedSize(t, "ARGS_COMBINED_SIZE"),
|
||||||
|
m_variableAuthType(t, "AUTH_TYPE"),
|
||||||
|
m_variableFilesCombinedSize(t, "FILES_COMBINED_SIZE"),
|
||||||
|
m_variableFilesTmpNames(t, "FILES_TMPNAMES"),
|
||||||
|
m_variableFullRequest(t, "FULL_REQUEST"),
|
||||||
|
m_variableFullRequestLength(t, "FULL_REQUEST_LENGTH"),
|
||||||
|
m_variableInboundDataError(t, "INBOUND_DATA_ERROR"),
|
||||||
|
m_variableMatchedVar(t, "MATCHED_VAR"),
|
||||||
|
m_variableMatchedVarName(t, "MATCHED_VAR_NAME"),
|
||||||
|
m_variableMultipartCrlfLFLines(t, "MULTIPART_CRLF_LF_LINES"),
|
||||||
|
m_variableMultipartDataAfter(t, "MULTIPART_DATA_AFTER"),
|
||||||
|
m_variableMultipartFileLimitExceeded(t, "MULTIPART_FILE_LIMIT_EXCEEDED"),
|
||||||
|
m_variableMultipartStrictError(t, "MULTIPART_STRICT_ERROR"),
|
||||||
|
m_variableMultipartHeaderFolding(t, "MULTIPART_HEADER_FOLDING"),
|
||||||
|
m_variableMultipartInvalidQuoting(t, "MULTIPART_INVALID_QUOTING"),
|
||||||
|
m_variableMultipartInvalidHeaderFolding(t, "MULTIPART_INVALID_HEADER_FOLDING"),
|
||||||
|
m_variableMultipartUnmatchedBoundary(t, "MULTIPART_UNMATCHED_BOUNDARY"),
|
||||||
|
m_variableOutboundDataError(t, "OUTBOUND_DATA_ERROR"),
|
||||||
|
m_variablePathInfo(t, "PATH_INFO"),
|
||||||
|
m_variableQueryString(t, "QUERY_STRING"),
|
||||||
|
m_variableRemoteAddr(t, "REMOTE_ADDR"),
|
||||||
|
m_variableRemoteHost(t, "REMOTE_HOST"),
|
||||||
|
m_variableRemotePort(t, "REMOTE_PORT"),
|
||||||
|
m_variableReqbodyError(t, "REQBODY_ERROR"),
|
||||||
|
m_variableReqbodyErrorMsg(t, "REQBODY_ERROR_MSG"),
|
||||||
|
m_variableReqbodyProcessorErrorMsg(t, "REQBODY_PROCESSOR_ERROR_MSG"),
|
||||||
|
m_variableReqbodyProcessorError(t, "REQBODY_PROCESSOR_ERROR"),
|
||||||
|
m_variableReqbodyProcessor(t, "REQBODY_PROCESSOR"),
|
||||||
|
m_variableRequestBasename(t, "REQUEST_BASENAME"),
|
||||||
|
m_variableRequestBody(t, "REQUEST_BODY"),
|
||||||
|
m_variableRequestBodyLength(t, "REQUEST_BODY_LENGTH"),
|
||||||
|
m_variableRequestFilename(t, "REQUEST_FILENAME"),
|
||||||
|
m_variableRequestLine(t, "REQUEST_LINE"),
|
||||||
|
m_variableRequestMethod(t, "REQUEST_METHOD"),
|
||||||
|
m_variableRequestProtocol(t, "REQUEST_PROTOCOL"),
|
||||||
|
m_variableRequestURI(t, "REQUEST_URI"),
|
||||||
|
m_variableRequestURIRaw(t, "REQUEST_URI_RAW"),
|
||||||
|
m_variableResource(t, "RESOURCE"),
|
||||||
|
m_variableResponseBody(t, "RESPONSE_BODY"),
|
||||||
|
m_variableResponseContentLength(t, "RESPONSE_CONTENT_LENGTH"),
|
||||||
|
m_variableResponseProtocol(t, "RESPONSE_PROTOCOL"),
|
||||||
|
m_variableResponseStatus(t, "RESPONSE_STATUS"),
|
||||||
|
m_variableServerAddr(t, "SERVER_ADDR"),
|
||||||
|
m_variableServerName(t, "SERVER_NAME"),
|
||||||
|
m_variableServerPort(t, "SERVER_PORT"),
|
||||||
|
m_variableSessionID(t, "SESSIONID"),
|
||||||
|
m_variableUniqueID(t, "UNIQUE_ID"),
|
||||||
|
m_variableUrlEncodedError(t, "URLENCODED_ERROR"),
|
||||||
|
m_variableUserID(t, "USERID")
|
||||||
|
{ }
|
||||||
|
|
||||||
AnchoredVariable m_variableArgsNames;
|
AnchoredVariable m_variableArgsNames;
|
||||||
|
AnchoredVariable m_variableArgGetNames;
|
||||||
|
AnchoredVariable m_variableArgPostNames;
|
||||||
|
AnchoredVariable m_variableRequestHeadersNames;
|
||||||
|
AnchoredVariable m_variableResponseContentType;
|
||||||
|
AnchoredVariable m_variableResponseHeadersNames;
|
||||||
|
AnchoredVariable m_variableARGScombinedSize;
|
||||||
|
AnchoredVariable m_variableAuthType;
|
||||||
|
AnchoredVariable m_variableFilesCombinedSize;
|
||||||
|
AnchoredVariable m_variableFilesTmpNames;
|
||||||
|
AnchoredVariable m_variableFullRequest;
|
||||||
|
AnchoredVariable m_variableFullRequestLength;
|
||||||
|
AnchoredVariable m_variableInboundDataError;
|
||||||
|
AnchoredVariable m_variableMatchedVar;
|
||||||
|
AnchoredVariable m_variableMatchedVarName;
|
||||||
|
AnchoredVariable m_variableMultipartCrlfLFLines;
|
||||||
|
AnchoredVariable m_variableMultipartDataAfter;
|
||||||
|
AnchoredVariable m_variableMultipartFileLimitExceeded;
|
||||||
|
AnchoredVariable m_variableMultipartStrictError;
|
||||||
|
AnchoredVariable m_variableMultipartHeaderFolding;
|
||||||
|
AnchoredVariable m_variableMultipartInvalidQuoting;
|
||||||
|
AnchoredVariable m_variableMultipartInvalidHeaderFolding;
|
||||||
|
AnchoredVariable m_variableMultipartUnmatchedBoundary;
|
||||||
|
AnchoredVariable m_variableOutboundDataError;
|
||||||
|
AnchoredVariable m_variablePathInfo;
|
||||||
|
AnchoredVariable m_variableQueryString;
|
||||||
|
AnchoredVariable m_variableRemoteAddr;
|
||||||
|
AnchoredVariable m_variableRemoteHost;
|
||||||
|
AnchoredVariable m_variableRemotePort;
|
||||||
|
AnchoredVariable m_variableReqbodyError;
|
||||||
|
AnchoredVariable m_variableReqbodyErrorMsg;
|
||||||
|
AnchoredVariable m_variableReqbodyProcessorError;
|
||||||
|
AnchoredVariable m_variableReqbodyProcessorErrorMsg;
|
||||||
|
AnchoredVariable m_variableReqbodyProcessor;
|
||||||
|
AnchoredVariable m_variableRequestBasename;
|
||||||
|
AnchoredVariable m_variableRequestBody;
|
||||||
|
AnchoredVariable m_variableRequestBodyLength;
|
||||||
|
AnchoredVariable m_variableRequestFilename;
|
||||||
|
AnchoredVariable m_variableRequestLine;
|
||||||
|
AnchoredVariable m_variableRequestMethod;
|
||||||
|
AnchoredVariable m_variableRequestProtocol;
|
||||||
|
AnchoredVariable m_variableRequestURI;
|
||||||
|
AnchoredVariable m_variableRequestURIRaw;
|
||||||
|
AnchoredVariable m_variableResource;
|
||||||
|
AnchoredVariable m_variableResponseBody;
|
||||||
|
AnchoredVariable m_variableResponseContentLength;
|
||||||
|
AnchoredVariable m_variableResponseProtocol;
|
||||||
|
AnchoredVariable m_variableResponseStatus;
|
||||||
|
AnchoredVariable m_variableServerAddr;
|
||||||
|
AnchoredVariable m_variableServerName;
|
||||||
|
AnchoredVariable m_variableServerPort;
|
||||||
|
AnchoredVariable m_variableSessionID;
|
||||||
|
AnchoredVariable m_variableUniqueID;
|
||||||
|
AnchoredVariable m_variableUrlEncodedError;
|
||||||
|
AnchoredVariable m_variableUserID;
|
||||||
|
|
||||||
|
int m_variableOffset;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
@ -254,7 +372,7 @@ class Transaction : public TransactionAnchoredVariables {
|
|||||||
* Holds the combined size of all arguments, later used to fill the
|
* Holds the combined size of all arguments, later used to fill the
|
||||||
* variable ARGS_COMBINED_SIZE.
|
* variable ARGS_COMBINED_SIZE.
|
||||||
*/
|
*/
|
||||||
double m_ARGScombinedSize;
|
double m_ARGScombinedSizeDouble;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Client tcp port.
|
* Client tcp port.
|
||||||
@ -418,13 +536,6 @@ class Transaction : public TransactionAnchoredVariables {
|
|||||||
std::string m_variableTimeYear;
|
std::string m_variableTimeYear;
|
||||||
|
|
||||||
private:
|
private:
|
||||||
std::string *m_ARGScombinedSizeStr;
|
|
||||||
std::string *m_namesArgsGet;
|
|
||||||
std::string *m_namesArgsPost;
|
|
||||||
std::string *m_requestHeadersNames;
|
|
||||||
std::string *m_responseContentType;
|
|
||||||
std::string *m_responseHeadersNames;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Pointer to the callback function that will be called to fill
|
* Pointer to the callback function that will be called to fill
|
||||||
* the web server (connector) log.
|
* the web server (connector) log.
|
||||||
|
|||||||
@ -66,7 +66,6 @@ noinst_HEADERS = \
|
|||||||
|
|
||||||
|
|
||||||
VARIABLES = \
|
VARIABLES = \
|
||||||
variables/args_names.cc \
|
|
||||||
variables/duration.cc \
|
variables/duration.cc \
|
||||||
variables/env.cc \
|
variables/env.cc \
|
||||||
variables/highest_severity.cc \
|
variables/highest_severity.cc \
|
||||||
|
|||||||
@ -28,7 +28,8 @@ namespace ctl {
|
|||||||
bool RequestBodyProcessorJSON::evaluate(Rule *rule,
|
bool RequestBodyProcessorJSON::evaluate(Rule *rule,
|
||||||
Transaction *transaction) {
|
Transaction *transaction) {
|
||||||
transaction->m_requestBodyProcessor = Transaction::JSONRequestBody;
|
transaction->m_requestBodyProcessor = Transaction::JSONRequestBody;
|
||||||
transaction->m_collections.store("REQBODY_PROCESSOR", "JSON");
|
transaction->m_variableReqbodyProcessor.set("JSON",
|
||||||
|
transaction->m_variableOffset);
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -28,7 +28,8 @@ namespace ctl {
|
|||||||
bool RequestBodyProcessorXML::evaluate(Rule *rule,
|
bool RequestBodyProcessorXML::evaluate(Rule *rule,
|
||||||
Transaction *transaction) {
|
Transaction *transaction) {
|
||||||
transaction->m_requestBodyProcessor = Transaction::XMLRequestBody;
|
transaction->m_requestBodyProcessor = Transaction::XMLRequestBody;
|
||||||
transaction->m_collections.store("REQBODY_PROCESSOR", "XML");
|
transaction->m_variableReqbodyProcessor.set("XML",
|
||||||
|
transaction->m_variableOffset);
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -49,7 +49,7 @@ bool SetSID::evaluate(Rule *rule, Transaction *t) {
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
t->m_collections.m_session_collection_key = colNameExpanded;
|
t->m_collections.m_session_collection_key = colNameExpanded;
|
||||||
t->m_collections.storeOrUpdateFirst("SESSIONID", colNameExpanded);
|
t->m_variableSessionID.set(colNameExpanded, t->m_variableOffset);
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -49,7 +49,7 @@ bool SetUID::evaluate(Rule *rule, Transaction *t) {
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
t->m_collections.m_user_collection_key = colNameExpanded;
|
t->m_collections.m_user_collection_key = colNameExpanded;
|
||||||
t->m_collections.storeOrUpdateFirst("USERID", colNameExpanded);
|
t->m_variableUserID.set(colNameExpanded, t->m_variableOffset);
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -31,6 +31,20 @@ namespace actions {
|
|||||||
bool SetVar::init(std::string *error) {
|
bool SetVar::init(std::string *error) {
|
||||||
size_t pos;
|
size_t pos;
|
||||||
|
|
||||||
|
if (m_variableName.empty() == false) {
|
||||||
|
pos = m_variableName.find(".");
|
||||||
|
if (pos != std::string::npos) {
|
||||||
|
m_collectionName = std::string(m_variableName, 0, pos);
|
||||||
|
m_collectionName = utils::string::toupper(m_collectionName);
|
||||||
|
m_variableName = std::string(m_variableName, pos + 1,
|
||||||
|
m_variableName.size() - (pos + 1));
|
||||||
|
} else {
|
||||||
|
error->assign("Missing the collection and/or variable name");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
// Resolv operation
|
// Resolv operation
|
||||||
m_operation = setToOne;
|
m_operation = setToOne;
|
||||||
pos = m_parser_payload.find("=");
|
pos = m_parser_payload.find("=");
|
||||||
|
|||||||
@ -26,6 +26,16 @@ class Rule;
|
|||||||
|
|
||||||
namespace actions {
|
namespace actions {
|
||||||
|
|
||||||
|
enum SetVarOperation {
|
||||||
|
/* Set variable to something */
|
||||||
|
setOperation,
|
||||||
|
/* read variable, sum predicate and set */
|
||||||
|
sumAndSetOperation,
|
||||||
|
/* read variable, substract predicate and set */
|
||||||
|
substractAndSetOperation,
|
||||||
|
/* set variable to 1 */
|
||||||
|
setToOne
|
||||||
|
};
|
||||||
|
|
||||||
class SetVar : public Action {
|
class SetVar : public Action {
|
||||||
public:
|
public:
|
||||||
@ -35,20 +45,24 @@ class SetVar : public Action {
|
|||||||
m_variableName(""),
|
m_variableName(""),
|
||||||
m_predicate("") { }
|
m_predicate("") { }
|
||||||
|
|
||||||
|
SetVar(SetVarOperation operation,
|
||||||
|
std::string variableName,
|
||||||
|
std::string predicate) : Action("setvar"),
|
||||||
|
m_operation(operation),
|
||||||
|
m_predicate(predicate),
|
||||||
|
m_collectionName(""),
|
||||||
|
m_variableName(variableName) { }
|
||||||
|
|
||||||
|
SetVar(SetVarOperation operation,
|
||||||
|
std::string variableName) : Action("setvar"),
|
||||||
|
m_operation(operation),
|
||||||
|
m_predicate(""),
|
||||||
|
m_collectionName(""),
|
||||||
|
m_variableName(variableName) { }
|
||||||
|
|
||||||
bool evaluate(Rule *rule, Transaction *transaction) override;
|
bool evaluate(Rule *rule, Transaction *transaction) override;
|
||||||
bool init(std::string *error) override;
|
bool init(std::string *error) override;
|
||||||
|
|
||||||
enum SetVarOperation {
|
|
||||||
/* Set variable to something */
|
|
||||||
setOperation,
|
|
||||||
/* read variable, sum predicate and set */
|
|
||||||
sumAndSetOperation,
|
|
||||||
/* read variable, substract predicate and set */
|
|
||||||
substractAndSetOperation,
|
|
||||||
/* set variable to 1 */
|
|
||||||
setToOne
|
|
||||||
};
|
|
||||||
|
|
||||||
private:
|
private:
|
||||||
SetVarOperation m_operation;
|
SetVarOperation m_operation;
|
||||||
std::string m_collectionName;
|
std::string m_collectionName;
|
||||||
|
|||||||
@ -66,7 +66,11 @@ std::string MacroExpansion::expand(const std::string& input,
|
|||||||
std::string *variableValue = NULL;
|
std::string *variableValue = NULL;
|
||||||
size_t collection = variable.find(".");
|
size_t collection = variable.find(".");
|
||||||
if (collection == std::string::npos) {
|
if (collection == std::string::npos) {
|
||||||
variableValue = transaction->m_collections.resolveFirst(variable);
|
if (utils::string::toupper(variable) == "MATCHED_VAR") {
|
||||||
|
variableValue = transaction->m_variableMatchedVar.evaluate();
|
||||||
|
} else {
|
||||||
|
variableValue = transaction->m_collections.resolveFirst(variable);
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
std::string col = std::string(variable, 0, collection);
|
std::string col = std::string(variable, 0, collection);
|
||||||
std::string var = std::string(variable, collection + 1,
|
std::string var = std::string(variable, collection + 1,
|
||||||
|
|||||||
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@ -146,15 +146,67 @@ class Driver;
|
|||||||
#include "src/utils/system.h"
|
#include "src/utils/system.h"
|
||||||
#include "src/variables/args_names.h"
|
#include "src/variables/args_names.h"
|
||||||
#include "src/variables/xml.h"
|
#include "src/variables/xml.h"
|
||||||
|
#include "src/variables/args_combined_size.h"
|
||||||
|
#include "src/variables/args_get_names.h"
|
||||||
|
#include "src/variables/args_names.h"
|
||||||
|
#include "src/variables/args_post_names.h"
|
||||||
|
#include "src/variables/auth_type.h"
|
||||||
#include "src/variables/duration.h"
|
#include "src/variables/duration.h"
|
||||||
#include "src/variables/env.h"
|
#include "src/variables/env.h"
|
||||||
|
#include "src/variables/files_combined_size.h"
|
||||||
|
#include "src/variables/files_tmp_names.h"
|
||||||
|
#include "src/variables/full_request.h"
|
||||||
|
#include "src/variables/full_request_length.h"
|
||||||
#include "src/variables/highest_severity.h"
|
#include "src/variables/highest_severity.h"
|
||||||
|
#include "src/variables/inbound_data_error.h"
|
||||||
|
#include "src/variables/matched_var.h"
|
||||||
|
#include "src/variables/matched_var_name.h"
|
||||||
#include "src/variables/modsec_build.h"
|
#include "src/variables/modsec_build.h"
|
||||||
|
#include "src/variables/multipart_crlf_lf_line.h"
|
||||||
|
#include "src/variables/multipart_data_after.h"
|
||||||
|
#include "src/variables/multipart_file_limit_exceeded.h"
|
||||||
|
#include "src/variables/multipart_header_folding.h"
|
||||||
|
#include "src/variables/multipart_invalid_header_folding.h"
|
||||||
|
#include "src/variables/multipart_invalid_quoting.h"
|
||||||
|
#include "src/variables/multipart_strict_error.h"
|
||||||
|
#include "src/variables/multipart_unmatched_boundary.h"
|
||||||
|
#include "src/variables/outbound_data_error.h"
|
||||||
|
#include "src/variables/path_info.h"
|
||||||
|
#include "src/variables/query_string.h"
|
||||||
|
#include "src/variables/remote_addr.h"
|
||||||
|
#include "src/variables/remote_host.h"
|
||||||
|
#include "src/variables/remote_port.h"
|
||||||
#include "src/variables/remote_user.h"
|
#include "src/variables/remote_user.h"
|
||||||
|
#include "src/variables/reqbody_error.h"
|
||||||
|
#include "src/variables/reqbody_error_msg.h"
|
||||||
|
#include "src/variables/reqbody_processor_error.h"
|
||||||
|
#include "src/variables/reqbody_processor_error_msg.h"
|
||||||
|
#include "src/variables/reqbody_processor.h"
|
||||||
|
#include "src/variables/request_base_name.h"
|
||||||
|
#include "src/variables/request_body.h"
|
||||||
|
#include "src/variables/request_body_length.h"
|
||||||
|
#include "src/variables/request_file_name.h"
|
||||||
|
#include "src/variables/request_headers_names.h"
|
||||||
|
#include "src/variables/request_line.h"
|
||||||
|
#include "src/variables/request_method.h"
|
||||||
|
#include "src/variables/request_protocol.h"
|
||||||
|
#include "src/variables/request_uri.h"
|
||||||
|
#include "src/variables/request_uri_raw.h"
|
||||||
|
#include "src/variables/resources.h"
|
||||||
|
#include "src/variables/response_body.h"
|
||||||
|
#include "src/variables/response_content_length.h"
|
||||||
|
#include "src/variables/response_content_type.h"
|
||||||
|
#include "src/variables/response_headers_names.h"
|
||||||
|
#include "src/variables/response_protocol.h"
|
||||||
|
#include "src/variables/response_status.h"
|
||||||
#include "src/variables/rule.h"
|
#include "src/variables/rule.h"
|
||||||
#include "src/variables/time.h"
|
#include "src/variables/server_addr.h"
|
||||||
|
#include "src/variables/server_name.h"
|
||||||
|
#include "src/variables/server_port.h"
|
||||||
|
#include "src/variables/session_id.h"
|
||||||
#include "src/variables/time_day.h"
|
#include "src/variables/time_day.h"
|
||||||
#include "src/variables/time_epoch.h"
|
#include "src/variables/time_epoch.h"
|
||||||
|
#include "src/variables/time.h"
|
||||||
#include "src/variables/time_hour.h"
|
#include "src/variables/time_hour.h"
|
||||||
#include "src/variables/time_min.h"
|
#include "src/variables/time_min.h"
|
||||||
#include "src/variables/time_mon.h"
|
#include "src/variables/time_mon.h"
|
||||||
@ -162,6 +214,11 @@ class Driver;
|
|||||||
#include "src/variables/time_wday.h"
|
#include "src/variables/time_wday.h"
|
||||||
#include "src/variables/time_year.h"
|
#include "src/variables/time_year.h"
|
||||||
#include "src/variables/tx.h"
|
#include "src/variables/tx.h"
|
||||||
|
#include "src/variables/unique_id.h"
|
||||||
|
#include "src/variables/url_encoded_error.h"
|
||||||
|
#include "src/variables/user_id.h"
|
||||||
|
#include "src/variables/variable.h"
|
||||||
|
#include "src/variables/xml.h"
|
||||||
#include "src/variables/variations/count.h"
|
#include "src/variables/variations/count.h"
|
||||||
#include "src/variables/variations/exclusion.h"
|
#include "src/variables/variations/exclusion.h"
|
||||||
|
|
||||||
@ -258,8 +315,66 @@ using modsecurity::operators::Operator;
|
|||||||
COMMA ","
|
COMMA ","
|
||||||
PIPE
|
PIPE
|
||||||
NEW_LINE
|
NEW_LINE
|
||||||
VARIABLE_ARGS_NAMES "Variable ARGS_NAMES"
|
VARIABLE_ARGS_COMBINED_SIZE
|
||||||
;
|
VARIABLE_ARGS_GET_NAMES
|
||||||
|
VARIABLE_ARGS_NAMES "Variable ARGS_NAMES"
|
||||||
|
VARIABLE_ARGS_POST_NAMES
|
||||||
|
VARIABLE_AUTH_TYPE "AUTH_TYPE"
|
||||||
|
VARIABLE_FILES_COMBINED_SIZE "FILES_COMBINED_SIZE"
|
||||||
|
VARIABLE_FILES_TMP_NAMES "FILES_TMPNAMES"
|
||||||
|
VARIABLE_FULL_REQUEST "FULL_REQUEST"
|
||||||
|
VARIABLE_FULL_REQUEST_LENGTH "FULL_REQUEST_LENGTH"
|
||||||
|
VARIABLE_INBOUND_DATA_ERROR "INBOUND_DATA_ERROR"
|
||||||
|
VARIABLE_MATCHED_VAR "MATCHED_VAR"
|
||||||
|
VARIABLE_MATCHED_VAR_NAME "MATCHED_VAR_NAME"
|
||||||
|
VARIABLE_MULTIPART_CRLF_LF_LINES "MULTIPART_CRLF_LF_LINES"
|
||||||
|
VARIABLE_MULTIPART_DATA_AFTER "MULTIPART_DATA_AFTER"
|
||||||
|
VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED "MULTIPART_FILE_LIMIT_EXCEEDED"
|
||||||
|
VARIABLE_MULTIPART_HEADER_FOLDING "MULTIPART_HEADER_FOLDING"
|
||||||
|
VARIABLE_MULTIPART_INVALID_HEADER_FOLDING "MULTIPART_INVALID_HEADER_FOLDING"
|
||||||
|
VARIABLE_MULTIPART_INVALID_QUOTING "MULTIPART_INVALID_QUOTING"
|
||||||
|
VARIABLE_MULTIPART_STRICT_ERROR "MULTIPART_STRICT_ERROR"
|
||||||
|
VARIABLE_MULTIPART_UNMATCHED_BOUNDARY "MULTIPART_UNMATCHED_BOUNDARY"
|
||||||
|
VARIABLE_OUTBOUND_DATA_ERROR "OUTBOUND_DATA_ERROR"
|
||||||
|
VARIABLE_PATH_INFO "PATH_INFO"
|
||||||
|
VARIABLE_QUERY_STRING "QUERY_STRING"
|
||||||
|
VARIABLE_REMOTE_ADDR "REMOTE_ADDR"
|
||||||
|
VARIABLE_REMOTE_HOST "REMOTE_HOST"
|
||||||
|
VARIABLE_REMOTE_PORT "REMOTE_PORT"
|
||||||
|
VARIABLE_REQBODY_ERROR_MSG "REQBODY_ERROR_MSG"
|
||||||
|
VARIABLE_REQBODY_ERROR "REQBODY_ERROR"
|
||||||
|
VARIABLE_REQBODY_PROCESSOR_ERROR_MSG "REQBODY_PROCESSOR_ERROR_MSG"
|
||||||
|
VARIABLE_REQBODY_PROCESSOR_ERROR "REQBODY_PROCESSOR_ERROR"
|
||||||
|
VARIABLE_REQBODY_PROCESSOR "REQBODY_PROCESSOR"
|
||||||
|
VARIABLE_REQUEST_BASENAME "REQUEST_BASENAME"
|
||||||
|
VARIABLE_REQUEST_BODY_LENGTH "REQUEST_BODY_LENGTH"
|
||||||
|
VARIABLE_REQUEST_BODY "REQUEST_BODY"
|
||||||
|
VARIABLE_REQUEST_FILE_NAME "REQUEST_FILENAME"
|
||||||
|
VARIABLE_REQUEST_HEADERS_NAMES
|
||||||
|
VARIABLE_REQUEST_LINE "REQUEST_LINE"
|
||||||
|
VARIABLE_REQUEST_METHOD "REQUEST_METHOD"
|
||||||
|
VARIABLE_REQUEST_PROTOCOL "REQUEST_PROTOCOL"
|
||||||
|
VARIABLE_REQUEST_URI_RAW "REQUEST_URI_RAW"
|
||||||
|
VARIABLE_REQUEST_URI "REQUEST_URI"
|
||||||
|
VARIABLE_RESOURCE "RESOURCE"
|
||||||
|
VARIABLE_RESPONSE_BODY "RESPONSE_BODY"
|
||||||
|
VARIABLE_RESPONSE_CONTENT_LENGTH "RESPONSE_CONTENT_LENGTH"
|
||||||
|
VARIABLE_RESPONSE_CONTENT_TYPE
|
||||||
|
VARIABLE_RESPONSE_HEADERS_NAMES
|
||||||
|
VARIABLE_RESPONSE_PROTOCOL "RESPONSE_PROTOCOL"
|
||||||
|
VARIABLE_RESPONSE_STATUS "RESPONSE_STATUS"
|
||||||
|
VARIABLE_SERVER_ADDR "SERVER_ADDR"
|
||||||
|
VARIABLE_SERVER_NAME "SERVER_NAME"
|
||||||
|
VARIABLE_SERVER_PORT "SERVER_PORT"
|
||||||
|
VARIABLE_SESSION_ID "SESSIONID"
|
||||||
|
VARIABLE_UNIQUE_ID "UNIQUE_ID"
|
||||||
|
VARIABLE_URL_ENCODED_ERROR "URLENCODED_ERROR"
|
||||||
|
VARIABLE_USER_ID "USERID"
|
||||||
|
ACTION_SETVAR "SetVar"
|
||||||
|
SETVAR_OPERATION_EQUALS
|
||||||
|
SETVAR_OPERATION_EQUALS_PLUS
|
||||||
|
SETVAR_OPERATION_EQUALS_MINUS
|
||||||
|
;
|
||||||
|
|
||||||
%token <std::string>
|
%token <std::string>
|
||||||
ACTION_ACCURACY "Accuracy"
|
ACTION_ACCURACY "Accuracy"
|
||||||
@ -309,7 +424,6 @@ using modsecurity::operators::Operator;
|
|||||||
ACTION_SETRSC "SetSrc"
|
ACTION_SETRSC "SetSrc"
|
||||||
ACTION_SETSID "SetSid"
|
ACTION_SETSID "SetSid"
|
||||||
ACTION_SETUID "SetUID"
|
ACTION_SETUID "SetUID"
|
||||||
ACTION_SETVAR "SetVar"
|
|
||||||
ACTION_SEVERITY "Severity"
|
ACTION_SEVERITY "Severity"
|
||||||
ACTION_SKIP "Skip"
|
ACTION_SKIP "Skip"
|
||||||
ACTION_SKIP_AFTER "SkipAfter"
|
ACTION_SKIP_AFTER "SkipAfter"
|
||||||
@ -1142,22 +1256,275 @@ var:
|
|||||||
std::unique_ptr<Variable> c(new Variables::ArgsNames());
|
std::unique_ptr<Variable> c(new Variables::ArgsNames());
|
||||||
$$ = std::move(c);
|
$$ = std::move(c);
|
||||||
}
|
}
|
||||||
| VARIABLE
|
| VARIABLE_ARGS_GET_NAMES
|
||||||
{
|
{
|
||||||
std::string name($1);
|
std::unique_ptr<Variable> c(new Variables::ArgsGetNames());
|
||||||
char z = name.at(0);
|
$$ = std::move(c);
|
||||||
if (z == '&') {
|
}
|
||||||
name.erase(0, 1);
|
| VARIABLE_ARGS_POST_NAMES
|
||||||
std::unique_ptr<Variable> c(new Count(new Variable(name, Variable::VariableKind::DirectVariable)));
|
{
|
||||||
$$ = std::move(c);
|
std::unique_ptr<Variable> c(new Variables::ArgsPostNames());
|
||||||
} else if (z == '!') {
|
$$ = std::move(c);
|
||||||
name.erase(0, 1);
|
}
|
||||||
std::unique_ptr<Variable> c(new Exclusion(new Variable(name, Variable::VariableKind::DirectVariable)));
|
| VARIABLE_REQUEST_HEADERS_NAMES
|
||||||
$$ = std::move(c);
|
{
|
||||||
} else {
|
std::unique_ptr<Variable> c(new Variables::RequestHeadersNames());
|
||||||
std::unique_ptr<Variable> c(new Variable(name, Variable::VariableKind::DirectVariable));
|
$$ = std::move(c);
|
||||||
$$ = std::move(c);
|
}
|
||||||
}
|
| VARIABLE_RESPONSE_CONTENT_TYPE
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::ResponseContentType());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_RESPONSE_HEADERS_NAMES
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::ResponseHeadersNames());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_ARGS_COMBINED_SIZE
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::ArgsCombinedSize());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_AUTH_TYPE
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::AuthType());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_FILES_COMBINED_SIZE
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::FilesCombinedSize());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_FILES_TMP_NAMES
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::FilesTmpNames());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_FULL_REQUEST
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::FullRequest());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_FULL_REQUEST_LENGTH
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::FullRequestLength());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_INBOUND_DATA_ERROR
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::InboundDataError());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_MATCHED_VAR
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::MatchedVar());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_MATCHED_VAR_NAME
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::MatchedVarName());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_MULTIPART_CRLF_LF_LINES
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::MultipartCrlfLFLines());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_MULTIPART_DATA_AFTER
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::MultipartDateAfter());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::MultipartFileLimitExceeded());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_MULTIPART_HEADER_FOLDING
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::MultipartHeaderFolding());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_MULTIPART_INVALID_HEADER_FOLDING
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::MultipartInvalidHeaderFolding());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_MULTIPART_INVALID_QUOTING
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::MultipartInvalidQuoting());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_MULTIPART_STRICT_ERROR
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::MultipartStrictError());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_MULTIPART_UNMATCHED_BOUNDARY
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::MultipartUnmatchedBoundary());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_OUTBOUND_DATA_ERROR
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::OutboundDataError());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_PATH_INFO
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::PathInfo());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_QUERY_STRING
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::QueryString());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REMOTE_ADDR
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::RemoteAddr());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REMOTE_HOST
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::RemoteHost());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REMOTE_PORT
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::RemotePort());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REQBODY_ERROR
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::ReqbodyError());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REQBODY_ERROR_MSG
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::ReqbodyErrorMsg());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REQBODY_PROCESSOR
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::ReqbodyProcessor());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REQBODY_PROCESSOR_ERROR
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::ReqbodyProcessorError());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REQBODY_PROCESSOR_ERROR_MSG
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::ReqbodyProcessorErrorMsg());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REQUEST_BASENAME
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::RequestBasename());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REQUEST_BODY
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::RequestBody());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REQUEST_BODY_LENGTH
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::RequestBodyLength());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REQUEST_FILE_NAME
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::RequestFilename());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REQUEST_LINE
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::RequestLine());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REQUEST_METHOD
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::RequestMethod());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REQUEST_PROTOCOL
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::RequestProtocol());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REQUEST_URI
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::RequestURI());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_REQUEST_URI_RAW
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::RequestURIRaw());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_RESOURCE
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::Resource());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_RESPONSE_BODY
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::ResponseBody());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_RESPONSE_CONTENT_LENGTH
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::ResponseContentLength());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_RESPONSE_PROTOCOL
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::ResponseProtocol());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_RESPONSE_STATUS
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::ResponseStatus());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_SERVER_ADDR
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::ServerAddr());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_SERVER_NAME
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::ServerName());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_SERVER_PORT
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::ServerPort());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_SESSION_ID
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::SessionID());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_UNIQUE_ID
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::UniqueID());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_URL_ENCODED_ERROR
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::UrlEncodedError());
|
||||||
|
$$ = std::move(c);
|
||||||
|
}
|
||||||
|
| VARIABLE_USER_ID
|
||||||
|
{
|
||||||
|
std::unique_ptr<Variable> c(new Variables::UserID());
|
||||||
|
$$ = std::move(c);
|
||||||
}
|
}
|
||||||
| VARIABLE_STATUS
|
| VARIABLE_STATUS
|
||||||
{
|
{
|
||||||
@ -1450,20 +1817,9 @@ var:
|
|||||||
}
|
}
|
||||||
| RUN_TIME_VAR_XML
|
| RUN_TIME_VAR_XML
|
||||||
{
|
{
|
||||||
std::string name($1);
|
std::string name($1);
|
||||||
char z = name.at(0);
|
|
||||||
if (z == '&') {
|
|
||||||
name.erase(0, 1);
|
|
||||||
std::unique_ptr<Variable> c(new Count(new XML(name)));
|
|
||||||
$$ = std::move(c);
|
|
||||||
} else if (z == '!') {
|
|
||||||
name.erase(0, 1);
|
|
||||||
std::unique_ptr<Variable> c(new Exclusion(new XML(name)));
|
|
||||||
$$ = std::move(c);
|
|
||||||
} else {
|
|
||||||
std::unique_ptr<Variable> c(new XML(name));
|
std::unique_ptr<Variable> c(new XML(name));
|
||||||
$$ = std::move(c);
|
$$ = std::move(c);
|
||||||
}
|
|
||||||
}
|
}
|
||||||
| RUN_TIME_VAR_RULE
|
| RUN_TIME_VAR_RULE
|
||||||
{
|
{
|
||||||
@ -1707,9 +2063,21 @@ act:
|
|||||||
{
|
{
|
||||||
ACTION_CONTAINER($$, new actions::SetUID($1));
|
ACTION_CONTAINER($$, new actions::SetUID($1));
|
||||||
}
|
}
|
||||||
| ACTION_SETVAR
|
| ACTION_SETVAR VARIABLE
|
||||||
{
|
{
|
||||||
ACTION_CONTAINER($$, new actions::SetVar($1));
|
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::setToOne, $2));
|
||||||
|
}
|
||||||
|
| ACTION_SETVAR VARIABLE SETVAR_OPERATION_EQUALS FREE_TEXT
|
||||||
|
{
|
||||||
|
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::setOperation, $2, $4));
|
||||||
|
}
|
||||||
|
| ACTION_SETVAR VARIABLE SETVAR_OPERATION_EQUALS_PLUS FREE_TEXT
|
||||||
|
{
|
||||||
|
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::sumAndSetOperation, $2, $4));
|
||||||
|
}
|
||||||
|
| ACTION_SETVAR VARIABLE SETVAR_OPERATION_EQUALS_MINUS FREE_TEXT
|
||||||
|
{
|
||||||
|
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::substractAndSetOperation, $2, $4));
|
||||||
}
|
}
|
||||||
| ACTION_SEVERITY
|
| ACTION_SEVERITY
|
||||||
{
|
{
|
||||||
|
|||||||
@ -172,6 +172,8 @@ CONGIG_DIR_SEC_DATA_DIR (?i:SecDataDir)
|
|||||||
CONGIG_DIR_SEC_STATUS_ENGINE (?i:SecStatusEngine)
|
CONGIG_DIR_SEC_STATUS_ENGINE (?i:SecStatusEngine)
|
||||||
CONGIG_DIR_SEC_TMP_DIR (?i:SecTmpDir)
|
CONGIG_DIR_SEC_TMP_DIR (?i:SecTmpDir)
|
||||||
DICT_ELEMENT [^ \t|]+
|
DICT_ELEMENT [^ \t|]+
|
||||||
|
DICT_ELEMENT_TWO [^\"\=]+
|
||||||
|
DICT_ELEMENT_TWO2 [A-Za-z_ -\%\{\.\}\-\/]+
|
||||||
DIRECTIVE (?i:SecRule)
|
DIRECTIVE (?i:SecRule)
|
||||||
DIRECTIVE_SECRULESCRIPT (?i:SecRuleScript)
|
DIRECTIVE_SECRULESCRIPT (?i:SecRuleScript)
|
||||||
FREE_TEXT_NEW_LINE [^\"|\n]+
|
FREE_TEXT_NEW_LINE [^\"|\n]+
|
||||||
@ -180,6 +182,7 @@ FREE_TEXT_QUOTE_COMMA [^,\']+
|
|||||||
FREE_TEXT_SPACE [^ \t]+
|
FREE_TEXT_SPACE [^ \t]+
|
||||||
FREE_TEXT_SPACE_COMMA [^, \t]+
|
FREE_TEXT_SPACE_COMMA [^, \t]+
|
||||||
FREE_TEXT_SPACE_COMMA_QUOTE [^, \t\"\n\r]+
|
FREE_TEXT_SPACE_COMMA_QUOTE [^, \t\"\n\r]+
|
||||||
|
FREE_TEXT_COMMA_QUOTE [^,\"\\n\\r]+
|
||||||
NEW_LINE_FREE_TEXT [^, \t\"\n\r]+
|
NEW_LINE_FREE_TEXT [^, \t\"\n\r]+
|
||||||
|
|
||||||
OPERATOR_UNCONDITIONAL_MATCH (?i:@unconditionalMatch)
|
OPERATOR_UNCONDITIONAL_MATCH (?i:@unconditionalMatch)
|
||||||
@ -243,19 +246,87 @@ RUN_TIME_VAR_TIME_SEC (?i:TIME_SEC)
|
|||||||
RUN_TIME_VAR_TIME_WDAY (?i:TIME_WDAY)
|
RUN_TIME_VAR_TIME_WDAY (?i:TIME_WDAY)
|
||||||
RUN_TIME_VAR_TIME_YEAR (?i:TIME_YEAR)
|
RUN_TIME_VAR_TIME_YEAR (?i:TIME_YEAR)
|
||||||
RUN_TIME_VAR_XML (?i:XML)
|
RUN_TIME_VAR_XML (?i:XML)
|
||||||
VARIABLENOCOLON (?i:URLENCODED_ERROR|REQBODY_PROCESSOR_ERROR_MSG|REQBODY_PROCESSOR_ERROR|REQBODY_PROCESSOR|REQBODY_ERROR_MSG|REQBODY_ERROR|MULTIPART_FILE_LIMIT_EXCEEDED|MULTIPART_INVALID_QUOTING|MULTIPART_HEADER_FOLDING|MULTIPART_INVALID_HEADER_FOLDING|MULTIPART_STRICT_ERROR|MULTIPART_UNMATCHED_BOUNDARY|REMOTE_ADDR|REQUEST_LINE)
|
|
||||||
VARIABLE (?i:(SERVER_NAME|MULTIPART_DATA_AFTER|RESOURCE|ARGS_COMBINED_SIZE|ARGS_GET_NAMES|ARGS_POST_NAMES|FILES_TMPNAMES|FILES_COMBINED_SIZE|FULL_REQUEST_LENGTH|REQUEST_BODY_LENGTH|REQUEST_URI_RAW|UNIQUE_ID|SERVER_PORT|SERVER_ADDR|REMOTE_PORT|REMOTE_HOST|PATH_INFO|MULTIPART_CRLF_LF_LINES|MATCHED_VAR_NAME|MATCHED_VAR|INBOUND_DATA_ERROR|OUTBOUND_DATA_ERROR|FULL_REQUEST|AUTH_TYPE|REMOTE_ADDR|REQUEST_BASENAME|REQUEST_BODY|REQUEST_FILENAME|REQUEST_HEADERS_NAMES|REQUEST_METHOD|REQUEST_PROTOCOL|REQUEST_URI|RESPONSE_BODY|RESPONSE_CONTENT_LENGTH|RESPONSE_CONTENT_TYPE|RESPONSE_HEADERS_NAMES|RESPONSE_PROTOCOL|RESPONSE_STATUS|USERID|SESSIONID))
|
|
||||||
VARIABLE_ARGS_NAMES (?i:ARGS_NAMES)
|
VARIABLE_ARGS_COMBINED_SIZE (?i:ARGS_COMBINED_SIZE)
|
||||||
VARIABLE_COL (?i:(SESSION|GLOBAL|ARGS_POST|ARGS_GET|ARGS|FILES_SIZES|FILES_NAMES|FILES_TMP_CONTENT|MULTIPART_FILENAME|MULTIPART_NAME|MATCHED_VARS_NAMES|MATCHED_VARS|FILES|QUERY_STRING|REQUEST_COOKIES|REQUEST_HEADERS|RESPONSE_HEADERS|GEO|IP|REQUEST_COOKIES_NAMES))
|
VARIABLE_ARGS_GET_NAMES (?i:ARGS_GET_NAMES)
|
||||||
|
VARIABLE_ARGS_NAMES (?i:ARGS_NAMES)
|
||||||
|
VARIABLE_ARGS_POST_NAMES (?i:ARGS_POST_NAMES)
|
||||||
|
VARIABLE_AUTH_TYPE (?i:AUTH_TYPE)
|
||||||
|
VARIABLE_FILES_COMBINED_SIZE (?i:FILES_COMBINED_SIZE)
|
||||||
|
VARIABLE_FILES_TMP_NAMES (?i:FILES_TMPNAMES)
|
||||||
|
VARIABLE_FULL_REQUEST (?i:FULL_REQUEST)
|
||||||
|
VARIABLE_FULL_REQUEST_LENGTH (?i:FULL_REQUEST_LENGTH)
|
||||||
|
VARIABLE_INBOUND_DATA_ERROR (?i:INBOUND_DATA_ERROR)
|
||||||
|
VARIABLE_MATCHED_VAR (?i:MATCHED_VAR)
|
||||||
|
VARIABLE_MATCHED_VAR_NAME (?i:MATCHED_VAR_NAME)
|
||||||
|
VARIABLE_MULTIPART_CRLF_LF_LINES (?i:MULTIPART_CRLF_LF_LINES)
|
||||||
|
VARIABLE_MULTIPART_DATA_AFTER (?i:MULTIPART_DATA_AFTER)
|
||||||
|
VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED (?i:MULTIPART_FILE_LIMIT_EXCEEDED)
|
||||||
|
VARIABLE_MULTIPART_HEADER_FOLDING (?i:MULTIPART_HEADER_FOLDING)
|
||||||
|
VARIABLE_MULTIPART_INVALID_HEADER_FOLDING (?i:MULTIPART_INVALID_HEADER_FOLDING)
|
||||||
|
VARIABLE_MULTIPART_INVALID_QUOTING (?i:MULTIPART_INVALID_QUOTING)
|
||||||
|
VARIABLE_MULTIPART_STRICT_ERROR (?i:MULTIPART_STRICT_ERROR)
|
||||||
|
VARIABLE_MULTIPART_UNMATCHED_BOUNDARY (?i:MULTIPART_UNMATCHED_BOUNDARY)
|
||||||
|
VARIABLE_OUTBOUND_DATA_ERROR (?i:OUTBOUND_DATA_ERROR)
|
||||||
|
VARIABLE_PATH_INFO (?i:PATH_INFO)
|
||||||
|
VARIABLE_QUERY_STRING (?i:QUERY_STRING)
|
||||||
|
VARIABLE_REMOTE_ADDR (?i:REMOTE_ADDR)
|
||||||
|
VARIABLE_REMOTE_HOST (?i:REMOTE_HOST)
|
||||||
|
VARIABLE_REMOTE_PORT (?i:REMOTE_PORT)
|
||||||
|
VARIABLE_REQBODY_ERROR (?i:REQBODY_ERROR)
|
||||||
|
VARIABLE_REQBODY_ERROR_MSG (?i:REQBODY_ERROR_MSG)
|
||||||
|
VARIABLE_REQBODY_PROCESSOR_ERROR (?i:REQBODY_PROCESSOR_ERROR)
|
||||||
|
VARIABLE_REQBODY_PROCESSOR_ERROR_MSG (?i:REQBODY_PROCESSOR_ERROR_MSG)
|
||||||
|
VARIABLE_REQBODY_PROCESSOR (?i:REQBODY_PROCESSOR)
|
||||||
|
VARIABLE_REQUEST_BASENAME (?i:REQUEST_BASENAME)
|
||||||
|
VARIABLE_REQUEST_BODY (?i:REQUEST_BODY)
|
||||||
|
VARIABLE_REQUEST_BODY_LENGTH (?i:REQUEST_BODY_LENGTH)
|
||||||
|
VARIABLE_REQUEST_FILE_NAME (?i:REQUEST_FILENAME)
|
||||||
|
VARIABLE_REQUEST_HEADERS_NAMES (?i:REQUEST_HEADERS_NAMES)
|
||||||
|
VARIABLE_REQUEST_LINE (?i:REQUEST_LINE)
|
||||||
|
VARIABLE_REQUEST_METHOD (?i:REQUEST_METHOD)
|
||||||
|
VARIABLE_REQUEST_PROTOCOL (?i:REQUEST_PROTOCOL)
|
||||||
|
VARIABLE_REQUEST_URI (?i:REQUEST_URI)
|
||||||
|
VARIABLE_REQUEST_URI_RAW (?i:REQUEST_URI_RAW)
|
||||||
|
VARIABLE_RESOURCE (?i:RESOURCE)
|
||||||
|
VARIABLE_RESPONSE_BODY (?i:RESPONSE_BODY)
|
||||||
|
VARIABLE_RESPONSE_CONTENT_LENGTH (?i:RESPONSE_CONTENT_LENGTH)
|
||||||
|
VARIABLE_RESPONSE_CONTENT_TYPE (?i:RESPONSE_CONTENT_TYPE)
|
||||||
|
VARIABLE_RESPONSE_HEADERS_NAMES (?i:RESPONSE_HEADERS_NAMES)
|
||||||
|
VARIABLE_RESPONSE_PROTOCOL (?i:RESPONSE_PROTOCOL)
|
||||||
|
VARIABLE_RESPONSE_STATUS (?i:RESPONSE_STATUS)
|
||||||
|
VARIABLE_SERVER_ADDR (?i:SERVER_ADDR)
|
||||||
|
VARIABLE_SERVER_NAME (?i:SERVER_NAME)
|
||||||
|
VARIABLE_SERVER_PORT (?i:SERVER_PORT)
|
||||||
|
VARIABLE_SESSION_ID (?i:SESSIONID)
|
||||||
|
VARIABLE_UNIQUE_ID (?i:UNIQUE_ID)
|
||||||
|
VARIABLE_URL_ENCODED_ERROR (?i:URLENCODED_ERROR)
|
||||||
|
VARIABLE_USER_ID (?i:USERID)
|
||||||
|
VARIABLE_WEBSERVER_ERROR_LOG (?:WEBSERVER_ERROR_LOG)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
VARIABLE_COL (?i:(GLOBAL|ARGS_POST|ARGS_GET|ARGS|FILES_SIZES|FILES_NAMES|FILES_TMP_CONTENT|MULTIPART_FILENAME|MULTIPART_NAME|MATCHED_VARS_NAMES|MATCHED_VARS|FILES|REQUEST_COOKIES|REQUEST_HEADERS|RESPONSE_HEADERS|GEO|REQUEST_COOKIES_NAMES))
|
||||||
|
VARIABLE_SESSION (?i:(SESSION))
|
||||||
|
VARIABLE_IP (?i:(IP))
|
||||||
|
VARIABLE_USER (?i:(USER))
|
||||||
|
|
||||||
VARIABLE_STATUS (?i:(STATUS[^:]))
|
VARIABLE_STATUS (?i:(STATUS[^:]))
|
||||||
VARIABLE_TX (?i:TX)
|
VARIABLE_TX (?i:TX)
|
||||||
VARIABLE_WEBSERVER_ERROR_LOG (?:WEBSERVER_ERROR_LOG)
|
|
||||||
VAR_FREE_TEXT_QUOTE ([^\']|([^\\]\\\'))+
|
VAR_FREE_TEXT_QUOTE ([^\']|([^\\]\\\'))+
|
||||||
VAR_FREE_TEXT_SPACE [^ \t\"]+
|
VAR_FREE_TEXT_SPACE [^ \t\"]+
|
||||||
VAR_FREE_TEXT_SPACE_COMMA [^, \t\"]+
|
VAR_FREE_TEXT_SPACE_COMMA [^, \t\"]+
|
||||||
|
|
||||||
NEW_LINE [\n\r]+
|
NEW_LINE [\n\r]+
|
||||||
|
|
||||||
|
EQUALS (?i:=)
|
||||||
|
EQUALS_PLUS (?i:=\+)
|
||||||
|
EQUALS_MINUS (?i:=\-)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
%x TRANSACTION_TO_VARIABLE
|
%x TRANSACTION_TO_VARIABLE
|
||||||
%x EXPECTING_VARIABLE
|
%x EXPECTING_VARIABLE
|
||||||
%x TRANSACTION_FROM_VARIABLE_TO_OPERATOR
|
%x TRANSACTION_FROM_VARIABLE_TO_OPERATOR
|
||||||
@ -269,6 +340,9 @@ NEW_LINE [\n\r]+
|
|||||||
%x FINISH_ACTIONS
|
%x FINISH_ACTIONS
|
||||||
%x LEXING_ERROR
|
%x LEXING_ERROR
|
||||||
%x LEXING_ERROR_ACTION
|
%x LEXING_ERROR_ACTION
|
||||||
|
%x SETVAR_ACTION_WAITING_VARIABLE
|
||||||
|
%x SETVAR_ACTION_WAITING_OPERATION
|
||||||
|
%x SETVAR_ACTION_WAITING_CONTENT
|
||||||
|
|
||||||
%{
|
%{
|
||||||
// Code run each time a pattern is matched.
|
// Code run each time a pattern is matched.
|
||||||
@ -343,10 +417,10 @@ NEW_LINE [\n\r]+
|
|||||||
{ACTION_SETSID}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETSID(yytext, *driver.loc.back()); }
|
{ACTION_SETSID}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETSID(yytext, *driver.loc.back()); }
|
||||||
{ACTION_SETUID}:'{VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETUID(yytext, *driver.loc.back()); }
|
{ACTION_SETUID}:'{VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETUID(yytext, *driver.loc.back()); }
|
||||||
{ACTION_SETUID}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETUID(yytext, *driver.loc.back()); }
|
{ACTION_SETUID}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETUID(yytext, *driver.loc.back()); }
|
||||||
{ACTION_SETVAR}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETVAR(yytext, *driver.loc.back()); }
|
|
||||||
{ACTION_SETVAR}:'{VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETVAR(yytext, *driver.loc.back()); }
|
{ACTION_SETVAR}: { BEGIN(SETVAR_ACTION_WAITING_VARIABLE); return p::make_ACTION_SETVAR(*driver.loc.back()); }
|
||||||
{ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETVAR(yytext, *driver.loc.back()); }
|
|
||||||
{ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETVAR(yytext, *driver.loc.back()); }
|
|
||||||
{ACTION_SEVERITY}:'{ACTION_SEVERITY_VALUE}' { return p::make_ACTION_SEVERITY(yytext, *driver.loc.back()); }
|
{ACTION_SEVERITY}:'{ACTION_SEVERITY_VALUE}' { return p::make_ACTION_SEVERITY(yytext, *driver.loc.back()); }
|
||||||
{ACTION_SEVERITY}:{ACTION_SEVERITY_VALUE} { return p::make_ACTION_SEVERITY(yytext, *driver.loc.back()); }
|
{ACTION_SEVERITY}:{ACTION_SEVERITY_VALUE} { return p::make_ACTION_SEVERITY(yytext, *driver.loc.back()); }
|
||||||
{ACTION_SKIP_AFTER}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return p::make_ACTION_SKIP_AFTER(yytext, *driver.loc.back()); }
|
{ACTION_SKIP_AFTER}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return p::make_ACTION_SKIP_AFTER(yytext, *driver.loc.back()); }
|
||||||
@ -402,6 +476,51 @@ NEW_LINE [\n\r]+
|
|||||||
. { BEGIN(LEXING_ERROR_ACTION); yyless(0); }
|
. { BEGIN(LEXING_ERROR_ACTION); yyless(0); }
|
||||||
}
|
}
|
||||||
|
|
||||||
|
<SETVAR_ACTION_WAITING_VARIABLE>{
|
||||||
|
\'* { }
|
||||||
|
\"* { }
|
||||||
|
{VARIABLE_TX}(\:[\']{DICT_ELEMENT_TWO}[\'])? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||||
|
{VARIABLE_TX}(\:{DICT_ELEMENT_TWO})? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||||
|
{VARIABLE_TX}(\.[\']{DICT_ELEMENT_TWO}[\'])? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||||
|
{VARIABLE_TX}(\.{DICT_ELEMENT_TWO})? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||||
|
{VARIABLE_SESSION}(\:[\']{DICT_ELEMENT_TWO}[\'])? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||||
|
{VARIABLE_SESSION}(\:{DICT_ELEMENT_TWO})? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||||
|
{VARIABLE_SESSION}(\.[\']{DICT_ELEMENT_TWO}[\'])? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||||
|
{VARIABLE_SESSION}(\.{DICT_ELEMENT_TWO})? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||||
|
{VARIABLE_IP}(\:[\']{DICT_ELEMENT_TWO}[\'])? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||||
|
{VARIABLE_IP}(\:{DICT_ELEMENT_TWO})? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||||
|
{VARIABLE_IP}(\.[\']{DICT_ELEMENT_TWO}[\'])? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||||
|
{VARIABLE_IP}(\.{DICT_ELEMENT_TWO})? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||||
|
{VARIABLE_USER}(\:[\']{DICT_ELEMENT_TWO}[\'])? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||||
|
{VARIABLE_USER}(\:{DICT_ELEMENT_TWO})? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||||
|
{VARIABLE_USER}(\.[\']{DICT_ELEMENT_TWO}[\'])? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||||
|
{VARIABLE_USER}(\.{DICT_ELEMENT_TWO})? { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
||||||
|
. { BEGIN(LEXING_ERROR_ACTION); yyless(0); }
|
||||||
|
[ \t]*\\\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
|
||||||
|
[ \t]*\\\r\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<SETVAR_ACTION_WAITING_OPERATION>{
|
||||||
|
[ \t]*\n { BEGIN(INITIAL); yyless(1); }
|
||||||
|
[ \t]*\r\n { BEGIN(INITIAL); driver.loc.back()->lines(1); driver.loc.back()->step(); }
|
||||||
|
[ \t]*\n { BEGIN(EXPECTING_ACTIONS); yyless(yyleng); driver.loc.back()->lines(1); driver.loc.back()->step(); }
|
||||||
|
[ \t]*\r\n { BEGIN(EXPECTING_ACTIONS); yyless(yyleng); driver.loc.back()->lines(1); driver.loc.back()->step(); }
|
||||||
|
[ \t]*\"[ \t]* { }
|
||||||
|
[ \t]*\'[ \t]* { }
|
||||||
|
\"[ \t]*\n { BEGIN(EXPECTING_ACTIONS); yyless(1); }
|
||||||
|
\"[ \t]*\r\n { BEGIN(EXPECTING_ACTIONS); driver.loc.back()->lines(1); driver.loc.back()->step(); }
|
||||||
|
{EQUALS_PLUS} { BEGIN(SETVAR_ACTION_WAITING_CONTENT); return p::make_SETVAR_OPERATION_EQUALS_PLUS(*driver.loc.back()); }
|
||||||
|
{EQUALS_MINUS} { BEGIN(SETVAR_ACTION_WAITING_CONTENT); return p::make_SETVAR_OPERATION_EQUALS_MINUS(*driver.loc.back()); }
|
||||||
|
{EQUALS} { BEGIN(SETVAR_ACTION_WAITING_CONTENT); return p::make_SETVAR_OPERATION_EQUALS(*driver.loc.back()); }
|
||||||
|
. { BEGIN(LEXING_ERROR_ACTION); yyless(0); }
|
||||||
|
}
|
||||||
|
|
||||||
|
<SETVAR_ACTION_WAITING_CONTENT>{
|
||||||
|
[^,"\n]+ { BEGIN(EXPECTING_ACTIONS); return p::make_FREE_TEXT(yytext, *driver.loc.back()); }
|
||||||
|
}
|
||||||
|
|
||||||
<FINISH_ACTIONS>{
|
<FINISH_ACTIONS>{
|
||||||
<<EOF>> { BEGIN(INITIAL); yyless(0); p::make_NEW_LINE(*driver.loc.back()); }
|
<<EOF>> { BEGIN(INITIAL); yyless(0); p::make_NEW_LINE(*driver.loc.back()); }
|
||||||
@ -488,7 +607,6 @@ NEW_LINE [\n\r]+
|
|||||||
|
|
||||||
|
|
||||||
<EXPECTING_VARIABLE>{
|
<EXPECTING_VARIABLE>{
|
||||||
{VARIABLE_ARGS_NAMES} { return p::make_VARIABLE_ARGS_NAMES(*driver.loc.back()); }
|
|
||||||
|
|
||||||
[!&]?{RUN_TIME_VAR_BLD} { return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
|
[!&]?{RUN_TIME_VAR_BLD} { return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
|
||||||
[!&]?{RUN_TIME_VAR_DUR} { return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
|
[!&]?{RUN_TIME_VAR_DUR} { return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
|
||||||
@ -508,15 +626,18 @@ NEW_LINE [\n\r]+
|
|||||||
[!&]?{RUN_TIME_VAR_TIME} { return p::make_RUN_TIME_VAR_TIME(yytext, *driver.loc.back()); }
|
[!&]?{RUN_TIME_VAR_TIME} { return p::make_RUN_TIME_VAR_TIME(yytext, *driver.loc.back()); }
|
||||||
[!&]?{RUN_TIME_VAR_XML}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
|
[!&]?{RUN_TIME_VAR_XML}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
|
||||||
[!&]?{RUN_TIME_VAR_XML}(\:{DICT_ELEMENT})? { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
|
[!&]?{RUN_TIME_VAR_XML}(\:{DICT_ELEMENT})? { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
|
||||||
[!&]?{VARIABLENOCOLON} { return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
|
||||||
[!&]?{VARIABLE_COL}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
[!&]?{VARIABLE_COL}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||||
[!&]?{VARIABLE_COL}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
[!&]?{VARIABLE_COL}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||||
|
[!&]?{VARIABLE_SESSION}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||||
|
[!&]?{VARIABLE_SESSION}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||||
|
[!&]?{VARIABLE_IP}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||||
|
[!&]?{VARIABLE_IP}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||||
|
[!&]?{VARIABLE_USER}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||||
|
[!&]?{VARIABLE_USER}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||||
[!&]?{VARIABLE_STATUS} { return p::make_VARIABLE_STATUS(yytext, *driver.loc.back()); }
|
[!&]?{VARIABLE_STATUS} { return p::make_VARIABLE_STATUS(yytext, *driver.loc.back()); }
|
||||||
[!&]?{VARIABLE_TX}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
|
[!&]?{VARIABLE_TX}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
|
||||||
[!&]?{VARIABLE_TX}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
|
[!&]?{VARIABLE_TX}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
|
||||||
[!&]?{VARIABLE_WEBSERVER_ERROR_LOG} { driver.error (*driver.loc.back(), "Variable VARIABLE_WEBSERVER_ERROR_LOG is not supported by libModSecurity", ""); throw p::syntax_error(*driver.loc.back(), "");}
|
[!&]?{VARIABLE_WEBSERVER_ERROR_LOG} { driver.error (*driver.loc.back(), "Variable VARIABLE_WEBSERVER_ERROR_LOG is not supported by libModSecurity", ""); throw p::syntax_error(*driver.loc.back(), "");}
|
||||||
[!&]?{VARIABLE}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
|
||||||
[!&]?{VARIABLE}(\:{DICT_ELEMENT})? { return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
|
||||||
["][!&]?{RUN_TIME_VAR_BLD}["] { return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
|
["][!&]?{RUN_TIME_VAR_BLD}["] { return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
|
||||||
["][!&]?{RUN_TIME_VAR_DUR}["] { return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
|
["][!&]?{RUN_TIME_VAR_DUR}["] { return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
|
||||||
["][!&]?{RUN_TIME_VAR_ENV}(\:\'{FREE_TEXT_QUOTE}[\'])?["] { return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
|
["][!&]?{RUN_TIME_VAR_ENV}(\:\'{FREE_TEXT_QUOTE}[\'])?["] { return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
|
||||||
@ -526,14 +647,75 @@ NEW_LINE [\n\r]+
|
|||||||
["][!&]?{RUN_TIME_VAR_RULE}(\:{DICT_ELEMENT})? { return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
|
["][!&]?{RUN_TIME_VAR_RULE}(\:{DICT_ELEMENT})? { return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
|
||||||
["][!&]?{RUN_TIME_VAR_XML}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
|
["][!&]?{RUN_TIME_VAR_XML}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
|
||||||
["][!&]?{RUN_TIME_VAR_XML}(\:{DICT_ELEMENT})? { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
|
["][!&]?{RUN_TIME_VAR_XML}(\:{DICT_ELEMENT})? { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
|
||||||
["][!&]?{VARIABLENOCOLON}["] { return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
|
||||||
["][!&]?{VARIABLE_COL}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
["][!&]?{VARIABLE_COL}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||||
["][!&]?{VARIABLE_COL}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
["][!&]?{VARIABLE_COL}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||||
|
["][!&]?{VARIABLE_SESSION}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||||
|
["][!&]?{VARIABLE_SESSION}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||||
|
["][!&]?{VARIABLE_IP}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||||
|
["][!&]?{VARIABLE_IP}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||||
|
["][!&]?{VARIABLE_USER}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||||
|
["][!&]?{VARIABLE_USER}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
|
||||||
["][!&]?{VARIABLE_TX}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
|
["][!&]?{VARIABLE_TX}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
|
||||||
["][!&]?{VARIABLE_TX}(\:{DICT_ELEMENT})?["] { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
|
["][!&]?{VARIABLE_TX}(\:{DICT_ELEMENT})?["] { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
|
||||||
["][!&]?{VARIABLE}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
|
||||||
["][!&]?{VARIABLE}(\:{DICT_ELEMENT})?["] { return p::make_VARIABLE(yytext, *driver.loc.back()); }
|
|
||||||
[&]?{RUN_TIME_VAR_TIME_WDAY} { return p::make_RUN_TIME_VAR_TIME_WDAY(yytext, *driver.loc.back()); }
|
[&]?{RUN_TIME_VAR_TIME_WDAY} { return p::make_RUN_TIME_VAR_TIME_WDAY(yytext, *driver.loc.back()); }
|
||||||
|
|
||||||
|
{VARIABLE_ARGS_COMBINED_SIZE} { return p::make_VARIABLE_ARGS_COMBINED_SIZE(*driver.loc.back()); }
|
||||||
|
{VARIABLE_ARGS_GET_NAMES} { return p::make_VARIABLE_ARGS_GET_NAMES(*driver.loc.back()); }
|
||||||
|
{VARIABLE_ARGS_NAMES} { return p::make_VARIABLE_ARGS_NAMES(*driver.loc.back()); }
|
||||||
|
{VARIABLE_ARGS_POST_NAMES} { return p::make_VARIABLE_ARGS_POST_NAMES(*driver.loc.back()); }
|
||||||
|
{VARIABLE_AUTH_TYPE} { return p::make_VARIABLE_AUTH_TYPE(*driver.loc.back()); }
|
||||||
|
{VARIABLE_FILES_COMBINED_SIZE} { return p::make_VARIABLE_FILES_COMBINED_SIZE(*driver.loc.back()); }
|
||||||
|
{VARIABLE_FILES_TMP_NAMES} { return p::make_VARIABLE_FILES_TMP_NAMES(*driver.loc.back()); }
|
||||||
|
{VARIABLE_FULL_REQUEST_LENGTH} { return p::make_VARIABLE_FULL_REQUEST_LENGTH(*driver.loc.back()); }
|
||||||
|
{VARIABLE_FULL_REQUEST} { return p::make_VARIABLE_FULL_REQUEST(*driver.loc.back()); }
|
||||||
|
{VARIABLE_INBOUND_DATA_ERROR} { return p::make_VARIABLE_INBOUND_DATA_ERROR(*driver.loc.back()); }
|
||||||
|
{VARIABLE_MATCHED_VAR_NAME} { return p::make_VARIABLE_MATCHED_VAR_NAME(*driver.loc.back()); }
|
||||||
|
{VARIABLE_MATCHED_VAR} { return p::make_VARIABLE_MATCHED_VAR(*driver.loc.back()); }
|
||||||
|
{VARIABLE_MULTIPART_CRLF_LF_LINES} { return p::make_VARIABLE_MULTIPART_CRLF_LF_LINES(*driver.loc.back()); }
|
||||||
|
{VARIABLE_MULTIPART_DATA_AFTER} { return p::make_VARIABLE_MULTIPART_DATA_AFTER(*driver.loc.back()); }
|
||||||
|
{VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED} { return p::make_VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED(*driver.loc.back()); }
|
||||||
|
{VARIABLE_MULTIPART_HEADER_FOLDING} { return p::make_VARIABLE_MULTIPART_HEADER_FOLDING(*driver.loc.back()); }
|
||||||
|
{VARIABLE_MULTIPART_INVALID_HEADER_FOLDING} { return p::make_VARIABLE_MULTIPART_INVALID_HEADER_FOLDING(*driver.loc.back()); }
|
||||||
|
{VARIABLE_MULTIPART_INVALID_QUOTING} { return p::make_VARIABLE_MULTIPART_INVALID_QUOTING(*driver.loc.back()); }
|
||||||
|
{VARIABLE_MULTIPART_STRICT_ERROR} { return p::make_VARIABLE_MULTIPART_STRICT_ERROR(*driver.loc.back()); }
|
||||||
|
{VARIABLE_MULTIPART_UNMATCHED_BOUNDARY} { return p::make_VARIABLE_MULTIPART_UNMATCHED_BOUNDARY(*driver.loc.back()); }
|
||||||
|
{VARIABLE_OUTBOUND_DATA_ERROR} { return p::make_VARIABLE_OUTBOUND_DATA_ERROR(*driver.loc.back()); }
|
||||||
|
{VARIABLE_PATH_INFO} { return p::make_VARIABLE_PATH_INFO(*driver.loc.back()); }
|
||||||
|
{VARIABLE_QUERY_STRING} { return p::make_VARIABLE_QUERY_STRING(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REMOTE_ADDR} { return p::make_VARIABLE_REMOTE_ADDR(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REMOTE_HOST} { return p::make_VARIABLE_REMOTE_HOST(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REMOTE_PORT} { return p::make_VARIABLE_REMOTE_PORT(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REQBODY_ERROR_MSG} { return p::make_VARIABLE_REQBODY_ERROR_MSG(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REQBODY_ERROR} { return p::make_VARIABLE_REQBODY_ERROR(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REQBODY_PROCESSOR_ERROR_MSG} { return p::make_VARIABLE_REQBODY_PROCESSOR_ERROR_MSG(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REQBODY_PROCESSOR_ERROR} { return p::make_VARIABLE_REQBODY_PROCESSOR_ERROR(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REQBODY_PROCESSOR} { return p::make_VARIABLE_REQBODY_PROCESSOR(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REQUEST_BASENAME} { return p::make_VARIABLE_REQUEST_BASENAME(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REQUEST_BODY_LENGTH} { return p::make_VARIABLE_REQUEST_BODY_LENGTH(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REQUEST_BODY} { return p::make_VARIABLE_REQUEST_BODY(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REQUEST_FILE_NAME} { return p::make_VARIABLE_REQUEST_FILE_NAME(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REQUEST_HEADERS_NAMES} { return p::make_VARIABLE_REQUEST_HEADERS_NAMES(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REQUEST_LINE} { return p::make_VARIABLE_REQUEST_LINE(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REQUEST_METHOD} { return p::make_VARIABLE_REQUEST_METHOD(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REQUEST_PROTOCOL} { return p::make_VARIABLE_REQUEST_PROTOCOL(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REQUEST_URI_RAW} { return p::make_VARIABLE_REQUEST_URI_RAW(*driver.loc.back()); }
|
||||||
|
{VARIABLE_REQUEST_URI} { return p::make_VARIABLE_REQUEST_URI(*driver.loc.back()); }
|
||||||
|
{VARIABLE_RESOURCE} { return p::make_VARIABLE_RESOURCE(*driver.loc.back()); }
|
||||||
|
{VARIABLE_RESPONSE_BODY} { return p::make_VARIABLE_RESPONSE_BODY(*driver.loc.back()); }
|
||||||
|
{VARIABLE_RESPONSE_CONTENT_LENGTH} { return p::make_VARIABLE_RESPONSE_CONTENT_LENGTH(*driver.loc.back()); }
|
||||||
|
{VARIABLE_RESPONSE_CONTENT_TYPE} { return p::make_VARIABLE_RESPONSE_CONTENT_TYPE(*driver.loc.back()); }
|
||||||
|
{VARIABLE_RESPONSE_HEADERS_NAMES} { return p::make_VARIABLE_RESPONSE_HEADERS_NAMES(*driver.loc.back()); }
|
||||||
|
{VARIABLE_RESPONSE_PROTOCOL} { return p::make_VARIABLE_RESPONSE_PROTOCOL(*driver.loc.back()); }
|
||||||
|
{VARIABLE_RESPONSE_STATUS} { return p::make_VARIABLE_RESPONSE_STATUS(*driver.loc.back()); }
|
||||||
|
{VARIABLE_SERVER_ADDR} { return p::make_VARIABLE_SERVER_ADDR(*driver.loc.back()); }
|
||||||
|
{VARIABLE_SERVER_NAME} { return p::make_VARIABLE_SERVER_NAME(*driver.loc.back()); }
|
||||||
|
{VARIABLE_SERVER_PORT} { return p::make_VARIABLE_SERVER_PORT(*driver.loc.back()); }
|
||||||
|
{VARIABLE_SESSION_ID} { return p::make_VARIABLE_SESSION_ID(*driver.loc.back()); }
|
||||||
|
{VARIABLE_UNIQUE_ID} { return p::make_VARIABLE_UNIQUE_ID(*driver.loc.back()); }
|
||||||
|
{VARIABLE_URL_ENCODED_ERROR} { return p::make_VARIABLE_URL_ENCODED_ERROR(*driver.loc.back()); }
|
||||||
|
{VARIABLE_USER_ID} { return p::make_VARIABLE_USER_ID(*driver.loc.back()); }
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
<EXPECTING_VARIABLE,TRANSACTION_FROM_VARIABLE_TO_OPERATOR>{
|
<EXPECTING_VARIABLE,TRANSACTION_FROM_VARIABLE_TO_OPERATOR>{
|
||||||
|
|||||||
@ -859,8 +859,9 @@ int Multipart::process_boundary(int last_part) {
|
|||||||
* is clear that there is no more data to be processed.
|
* is clear that there is no more data to be processed.
|
||||||
*/
|
*/
|
||||||
int Multipart::multipart_complete(std::string *error) {
|
int Multipart::multipart_complete(std::string *error) {
|
||||||
m_transaction->m_collections.store("MULTIPART_UNMATCHED_BOUNDARY",
|
m_transaction->m_variableMultipartUnmatchedBoundary.set(
|
||||||
std::to_string(m_flag_unmatched_boundary));
|
std::to_string(m_flag_unmatched_boundary),
|
||||||
|
m_transaction->m_variableOffset);
|
||||||
|
|
||||||
m_transaction->m_collections.store("MULTIPART_DATA_BEFORE",
|
m_transaction->m_collections.store("MULTIPART_DATA_BEFORE",
|
||||||
std::to_string(m_flag_data_before));
|
std::to_string(m_flag_data_before));
|
||||||
@ -868,8 +869,9 @@ int Multipart::multipart_complete(std::string *error) {
|
|||||||
debug(4, "Multipart: Warning: seen data before first boundary.");
|
debug(4, "Multipart: Warning: seen data before first boundary.");
|
||||||
}
|
}
|
||||||
|
|
||||||
m_transaction->m_collections.store("MULTIPART_DATA_AFTER",
|
m_transaction->m_variableMultipartDataAfter.set(
|
||||||
std::to_string(m_flag_data_after));
|
std::to_string(m_flag_data_after),
|
||||||
|
m_transaction->m_variableOffset);
|
||||||
if (m_flag_data_after) {
|
if (m_flag_data_after) {
|
||||||
debug(4, "Multipart: Warning: seen data after last boundary.");
|
debug(4, "Multipart: Warning: seen data after last boundary.");
|
||||||
}
|
}
|
||||||
@ -886,8 +888,9 @@ int Multipart::multipart_complete(std::string *error) {
|
|||||||
debug(4, "Multipart: Warning: boundary whitespace in C-T header.");
|
debug(4, "Multipart: Warning: boundary whitespace in C-T header.");
|
||||||
}
|
}
|
||||||
|
|
||||||
m_transaction->m_collections.store("MULTIPART_HEADER_FOLDING",
|
m_transaction->m_variableMultipartHeaderFolding.set(
|
||||||
std::to_string(m_flag_header_folding));
|
std::to_string(m_flag_header_folding),
|
||||||
|
m_transaction->m_variableOffset);
|
||||||
if (m_flag_header_folding) {
|
if (m_flag_header_folding) {
|
||||||
debug(4, "Multipart: Warning: header folding used.");
|
debug(4, "Multipart: Warning: header folding used.");
|
||||||
}
|
}
|
||||||
@ -896,8 +899,9 @@ int Multipart::multipart_complete(std::string *error) {
|
|||||||
std::to_string(m_flag_crlf_line));
|
std::to_string(m_flag_crlf_line));
|
||||||
m_transaction->m_collections.store("MULTIPART_LF_LINE",
|
m_transaction->m_collections.store("MULTIPART_LF_LINE",
|
||||||
std::to_string(m_flag_lf_line));
|
std::to_string(m_flag_lf_line));
|
||||||
m_transaction->m_collections.store("MULTIPART_CRLF_LF_LINES",
|
m_transaction->m_variableMultipartCrlfLFLines.set(
|
||||||
std::to_string(m_flag_crlf_line && m_flag_lf_line));
|
std::to_string(m_flag_crlf_line && m_flag_lf_line),
|
||||||
|
m_transaction->m_variableOffset);
|
||||||
if (m_flag_crlf_line && m_flag_lf_line) {
|
if (m_flag_crlf_line && m_flag_lf_line) {
|
||||||
debug(4, "Multipart: Warning: mixed line endings used (CRLF/LF).");
|
debug(4, "Multipart: Warning: mixed line endings used (CRLF/LF).");
|
||||||
} else if (m_flag_lf_line) {
|
} else if (m_flag_lf_line) {
|
||||||
@ -910,8 +914,9 @@ int Multipart::multipart_complete(std::string *error) {
|
|||||||
debug(4, "Multipart: Warning: missing semicolon in C-T header.");
|
debug(4, "Multipart: Warning: missing semicolon in C-T header.");
|
||||||
}
|
}
|
||||||
|
|
||||||
m_transaction->m_collections.store("MULTIPART_INVALID_QUOTING",
|
m_transaction->m_variableMultipartInvalidQuoting.set(
|
||||||
std::to_string(m_flag_invalid_quoting));
|
std::to_string(m_flag_invalid_quoting),
|
||||||
|
m_transaction->m_variableOffset);
|
||||||
if (m_flag_invalid_quoting) {
|
if (m_flag_invalid_quoting) {
|
||||||
debug(4, "Multipart: Warning: invalid quoting used.");
|
debug(4, "Multipart: Warning: invalid quoting used.");
|
||||||
}
|
}
|
||||||
@ -922,20 +927,21 @@ int Multipart::multipart_complete(std::string *error) {
|
|||||||
debug(4, "Multipart: Warning: invalid part parsing.");
|
debug(4, "Multipart: Warning: invalid part parsing.");
|
||||||
}
|
}
|
||||||
|
|
||||||
m_transaction->m_collections.store("MULTIPART_INVALID_HEADER_FOLDING",
|
m_transaction->m_variableMultipartInvalidHeaderFolding.set(
|
||||||
std::to_string(m_flag_invalid_header_folding));
|
std::to_string(m_flag_invalid_header_folding),
|
||||||
|
m_transaction->m_variableOffset);
|
||||||
if (m_flag_invalid_header_folding) {
|
if (m_flag_invalid_header_folding) {
|
||||||
debug(4, "Multipart: Warning: invalid header folding used.");
|
debug(4, "Multipart: Warning: invalid header folding used.");
|
||||||
}
|
}
|
||||||
|
|
||||||
m_transaction->m_collections.store("MULTIPART_STRICT_ERROR",
|
m_transaction->m_variableMultipartStrictError.set(
|
||||||
std::to_string(m_flag_error || m_flag_boundary_quoted != 0
|
std::to_string(m_flag_error || m_flag_boundary_quoted != 0
|
||||||
|| m_flag_boundary_whitespace != 0 || m_flag_data_before != 0
|
|| m_flag_boundary_whitespace != 0 || m_flag_data_before != 0
|
||||||
|| m_flag_data_after != 0 || m_flag_header_folding != 0
|
|| m_flag_data_after != 0 || m_flag_header_folding != 0
|
||||||
|| m_flag_lf_line != 0 || m_flag_missing_semicolon != 0
|
|| m_flag_lf_line != 0 || m_flag_missing_semicolon != 0
|
||||||
|| m_flag_invalid_quoting != 0 || m_flag_invalid_part != 0
|
|| m_flag_invalid_quoting != 0 || m_flag_invalid_part != 0
|
||||||
|| m_flag_invalid_header_folding != 0
|
|| m_flag_invalid_header_folding != 0
|
||||||
|| m_flag_file_limit_exceeded != 0));
|
|| m_flag_file_limit_exceeded != 0), m_transaction->m_variableOffset);
|
||||||
|
|
||||||
|
|
||||||
if ((m_seen_data != 0) && (m_is_complete == 0)) {
|
if ((m_seen_data != 0) && (m_is_complete == 0)) {
|
||||||
@ -1031,8 +1037,9 @@ int Multipart::multipart_complete(std::string *error) {
|
|||||||
std::to_string(m_transaction->->m_ARGScombinedSize));
|
std::to_string(m_transaction->->m_ARGScombinedSize));
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
m_transaction->m_collections.store("FILES_COMBINED_SIZE",
|
m_transaction->m_variableFilesCombinedSize.set(
|
||||||
std::to_string(file_combined_size));
|
std::to_string(file_combined_size),
|
||||||
|
m_transaction->m_variableOffset);
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -173,8 +173,8 @@ bool Rule::evaluateActions(Transaction *trasn) {
|
|||||||
void Rule::updateMatchedVars(Transaction *trasn, std::string key,
|
void Rule::updateMatchedVars(Transaction *trasn, std::string key,
|
||||||
std::string value) {
|
std::string value) {
|
||||||
trasn->debug(4, "Matched vars updated.");
|
trasn->debug(4, "Matched vars updated.");
|
||||||
trasn->m_collections.storeOrUpdateFirst("MATCHED_VAR", value);
|
trasn->m_variableMatchedVar.set(value, trasn->m_variableOffset);
|
||||||
trasn->m_collections.storeOrUpdateFirst("MATCHED_VAR_NAME", key);
|
trasn->m_variableMatchedVarName.set(key, trasn->m_variableOffset);
|
||||||
trasn->m_collections.store("MATCHED_VARS:" + key, value);
|
trasn->m_collections.store("MATCHED_VARS:" + key, value);
|
||||||
trasn->m_collections.store("MATCHED_VARS_NAMES:" + key, key);
|
trasn->m_collections.store("MATCHED_VARS_NAMES:" + key, key);
|
||||||
}
|
}
|
||||||
@ -183,6 +183,7 @@ void Rule::updateMatchedVars(Transaction *trasn, std::string key,
|
|||||||
void Rule::cleanMatchedVars(Transaction *trasn) {
|
void Rule::cleanMatchedVars(Transaction *trasn) {
|
||||||
trasn->debug(4, "Matched vars cleaned.");
|
trasn->debug(4, "Matched vars cleaned.");
|
||||||
trasn->m_collections.storeOrUpdateFirst("MATCHED_VAR", "");
|
trasn->m_collections.storeOrUpdateFirst("MATCHED_VAR", "");
|
||||||
|
trasn->m_variableMatchedVar.set("", trasn->m_variableOffset);
|
||||||
trasn->m_collections.del("MATCHED_VARS_NAME");
|
trasn->m_collections.del("MATCHED_VARS_NAME");
|
||||||
trasn->m_collections.del("MATCHED_VARS");
|
trasn->m_collections.del("MATCHED_VARS");
|
||||||
trasn->m_collections.del("MATCHED_VARS_NAMES");
|
trasn->m_collections.del("MATCHED_VARS_NAMES");
|
||||||
|
|||||||
@ -109,15 +109,9 @@ Transaction::Transaction(ModSecurity *ms, Rules *rules, void *logCbData)
|
|||||||
m_timeStamp(std::time(NULL)),
|
m_timeStamp(std::time(NULL)),
|
||||||
m_httpCodeReturned(200),
|
m_httpCodeReturned(200),
|
||||||
m_highestSeverityAction(255),
|
m_highestSeverityAction(255),
|
||||||
m_ARGScombinedSize(0),
|
m_ARGScombinedSizeDouble(0),
|
||||||
m_ARGScombinedSizeStr(NULL),
|
|
||||||
m_namesArgsPost(NULL),
|
|
||||||
m_namesArgsGet(NULL),
|
|
||||||
m_requestBodyType(UnknownFormat),
|
m_requestBodyType(UnknownFormat),
|
||||||
m_requestBodyProcessor(UnknownFormat),
|
m_requestBodyProcessor(UnknownFormat),
|
||||||
m_requestHeadersNames(NULL),
|
|
||||||
m_responseHeadersNames(NULL),
|
|
||||||
m_responseContentType(NULL),
|
|
||||||
m_requestBodyAccess(Rules::PropertyNotSetConfigBoolean),
|
m_requestBodyAccess(Rules::PropertyNotSetConfigBoolean),
|
||||||
m_marker(""),
|
m_marker(""),
|
||||||
m_allowType(modsecurity::actions::disruptive::NoneAllowType),
|
m_allowType(modsecurity::actions::disruptive::NoneAllowType),
|
||||||
@ -135,23 +129,7 @@ Transaction::Transaction(ModSecurity *ms, Rules *rules, void *logCbData)
|
|||||||
std::to_string(modsecurity::utils::generate_transaction_unique_id());
|
std::to_string(modsecurity::utils::generate_transaction_unique_id());
|
||||||
m_rules->incrementReferenceCount();
|
m_rules->incrementReferenceCount();
|
||||||
|
|
||||||
m_collections.store("ARGS_COMBINED_SIZE", std::string("0"));
|
m_variableUrlEncodedError.set("0", 0);
|
||||||
m_ARGScombinedSizeStr = m_collections.resolveFirst("ARGS_COMBINED_SIZE");
|
|
||||||
m_collections.store("ARGS_POST_NAMES", std::string(""));
|
|
||||||
this->m_namesArgsPost = m_collections.resolveFirst("ARGS_POST_NAMES");
|
|
||||||
m_collections.store("ARGS_GET_NAMES", std::string(""));
|
|
||||||
this->m_namesArgsGet = m_collections.resolveFirst("ARGS_GET_NAMES");
|
|
||||||
m_collections.store("REQUEST_HEADERS_NAMES", std::string(""));
|
|
||||||
this->m_requestHeadersNames = m_collections.resolveFirst(
|
|
||||||
"REQUEST_HEADERS_NAMES");
|
|
||||||
m_collections.store("RESPONSE_HEADERS_NAMES", std::string(""));
|
|
||||||
this->m_responseHeadersNames = m_collections.resolveFirst(
|
|
||||||
"RESPONSE_HEADERS_NAMES");
|
|
||||||
m_collections.store("RESPONSE_CONTENT_TYPE", std::string(""));
|
|
||||||
this->m_responseContentType = m_collections.resolveFirst(
|
|
||||||
"RESPONSE_CONTENT_TYPE");
|
|
||||||
|
|
||||||
m_collections.storeOrUpdateFirst("URLENCODED_ERROR", "0");
|
|
||||||
|
|
||||||
#ifndef NO_LOGS
|
#ifndef NO_LOGS
|
||||||
this->debug(4, "Initializing transaction");
|
this->debug(4, "Initializing transaction");
|
||||||
@ -233,14 +211,13 @@ int Transaction::processConnection(const char *client, int cPort,
|
|||||||
debug(4, "Starting phase CONNECTION. (SecRules 0)");
|
debug(4, "Starting phase CONNECTION. (SecRules 0)");
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
this->m_collections.store("REMOTE_HOST", m_clientIpAddress);
|
m_variableRemoteHost.set(m_clientIpAddress, m_variableOffset);
|
||||||
this->m_collections.store("UNIQUE_ID", m_id);
|
m_variableUniqueID.set(m_id, m_variableOffset);
|
||||||
this->m_collections.store("REMOTE_ADDR", m_clientIpAddress);
|
m_variableRemoteAddr.set(m_clientIpAddress, m_variableOffset);
|
||||||
this->m_collections.store("SERVER_ADDR", m_serverIpAddress);
|
m_variableServerAddr.set(m_serverIpAddress, m_variableOffset);
|
||||||
this->m_collections.store("SERVER_PORT",
|
m_variableServerPort.set(std::to_string(this->m_serverPort), m_variableOffset);
|
||||||
std::to_string(this->m_serverPort));
|
m_variableRemotePort.set(std::to_string(this->m_clientPort), m_variableOffset);
|
||||||
this->m_collections.store("REMOTE_PORT",
|
|
||||||
std::to_string(this->m_clientPort));
|
|
||||||
this->m_rules->evaluate(modsecurity::ConnectionPhase, this);
|
this->m_rules->evaluate(modsecurity::ConnectionPhase, this);
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
@ -289,7 +266,7 @@ bool Transaction::extractArguments(const std::string &orig,
|
|||||||
&invalid, &changed);
|
&invalid, &changed);
|
||||||
|
|
||||||
if (invalid) {
|
if (invalid) {
|
||||||
m_collections.storeOrUpdateFirst("URLENCODED_ERROR", "1");
|
m_variableUrlEncodedError.set("1", m_variableOffset);
|
||||||
}
|
}
|
||||||
|
|
||||||
addArgument(orig, std::string(reinterpret_cast<char *>(key_c), key_s-1),
|
addArgument(orig, std::string(reinterpret_cast<char *>(key_c), key_s-1),
|
||||||
@ -309,30 +286,20 @@ bool Transaction::addArgument(const std::string& orig, const std::string& key,
|
|||||||
key + "\", value \"" + value + "\"");
|
key + "\", value \"" + value + "\"");
|
||||||
|
|
||||||
m_collections.store("ARGS:" + key, value);
|
m_collections.store("ARGS:" + key, value);
|
||||||
|
|
||||||
if (orig == "GET") {
|
if (orig == "GET") {
|
||||||
m_collections.store("ARGS_GET:" + key, value);
|
m_collections.store("ARGS_GET:" + key, value);
|
||||||
if (m_namesArgsGet->empty()) {
|
m_variableArgGetNames.append(key, 0, true);
|
||||||
m_namesArgsGet->assign(key);
|
} else if (orig == "POST") {
|
||||||
} else {
|
|
||||||
m_namesArgsGet->assign(*m_namesArgsGet + " " + key);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (orig == "POST") {
|
|
||||||
m_collections.store("ARGS_POST:" + key, value);
|
m_collections.store("ARGS_POST:" + key, value);
|
||||||
if (m_namesArgsPost->empty()) {
|
m_variableArgPostNames.append(key, 0, true);
|
||||||
m_namesArgsPost->assign(key);
|
|
||||||
} else {
|
|
||||||
m_namesArgsPost->assign(*m_namesArgsPost + " " + key);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
m_variableArgsNames.append(key, 0, true);
|
m_variableArgsNames.append(key, 0, true);
|
||||||
|
|
||||||
|
m_ARGScombinedSizeDouble = m_ARGScombinedSizeDouble + \
|
||||||
this->m_ARGScombinedSize = this->m_ARGScombinedSize + \
|
|
||||||
key.length() + value.length();
|
key.length() + value.length();
|
||||||
this->m_ARGScombinedSizeStr->assign(
|
|
||||||
std::to_string(this->m_ARGScombinedSize));
|
m_variableARGScombinedSize.set(std::to_string(m_ARGScombinedSizeDouble), 0);
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
@ -377,8 +344,8 @@ int Transaction::processURI(const char *uri, const char *method,
|
|||||||
size_t pos = m_uri_decoded.find("?");
|
size_t pos = m_uri_decoded.find("?");
|
||||||
size_t pos_raw = uri_s.find("?");
|
size_t pos_raw = uri_s.find("?");
|
||||||
|
|
||||||
m_collections.store("REQUEST_LINE", std::string(method) + " " +
|
m_variableRequestLine.set(std::string(method) + " " + std::string(uri)
|
||||||
std::string(uri) + " HTTP/" + std::string(http_version));
|
+ " HTTP/" + std::string(http_version), m_variableOffset);
|
||||||
|
|
||||||
if (pos != std::string::npos) {
|
if (pos != std::string::npos) {
|
||||||
m_uri_no_query_string_decoded = std::string(m_uri_decoded, 0, pos);
|
m_uri_no_query_string_decoded = std::string(m_uri_decoded, 0, pos);
|
||||||
@ -387,8 +354,9 @@ int Transaction::processURI(const char *uri, const char *method,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (pos_raw != std::string::npos) {
|
if (pos_raw != std::string::npos) {
|
||||||
m_collections.store("QUERY_STRING", std::string(uri_s, pos_raw + 1,
|
std::string qry = std::string(uri_s, pos_raw + 1,
|
||||||
uri_s.length() - (pos_raw + 1)));
|
uri_s.length() - (pos_raw + 1));
|
||||||
|
m_variableQueryString.set(qry, m_variableOffset);
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string path_info;
|
std::string path_info;
|
||||||
@ -397,18 +365,18 @@ int Transaction::processURI(const char *uri, const char *method,
|
|||||||
} else {
|
} else {
|
||||||
path_info = std::string(m_uri_decoded, 0, pos);
|
path_info = std::string(m_uri_decoded, 0, pos);
|
||||||
}
|
}
|
||||||
m_collections.store("PATH_INFO", path_info);
|
m_variablePathInfo.set(path_info, m_variableOffset);
|
||||||
m_collections.store("REQUEST_FILENAME", path_info);
|
m_variableRequestFilename.set(path_info, m_variableOffset);
|
||||||
|
|
||||||
size_t offset = path_info.find_last_of("/\\");
|
size_t offset = path_info.find_last_of("/\\");
|
||||||
if (offset != std::string::npos && path_info.length() > offset + 1) {
|
if (offset != std::string::npos && path_info.length() > offset + 1) {
|
||||||
std::string basename = std::string(path_info, offset + 1,
|
std::string basename = std::string(path_info, offset + 1,
|
||||||
path_info.length() - (offset + 1));
|
path_info.length() - (offset + 1));
|
||||||
m_collections.store("REQUEST_BASENAME", basename);
|
m_variableRequestBasename.set(basename, m_variableOffset);
|
||||||
}
|
}
|
||||||
m_collections.store("REQUEST_METHOD", method);
|
m_variableRequestMethod.set(method, m_variableOffset);
|
||||||
m_collections.store("REQUEST_PROTOCOL",
|
m_variableRequestProtocol.set("HTTP/" + std::string(http_version),
|
||||||
"HTTP/" + std::string(http_version));
|
m_variableOffset);
|
||||||
|
|
||||||
std::string parsedURI = m_uri_decoded;
|
std::string parsedURI = m_uri_decoded;
|
||||||
// The more popular case is without domain
|
// The more popular case is without domain
|
||||||
@ -434,8 +402,8 @@ int Transaction::processURI(const char *uri, const char *method,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
m_collections.store("REQUEST_URI", parsedURI);
|
m_variableRequestURI.set(parsedURI, m_variableOffset);
|
||||||
m_collections.store("REQUEST_URI_RAW", uri);
|
m_variableRequestURIRaw.set(uri, m_variableOffset);
|
||||||
|
|
||||||
if (pos != std::string::npos && (m_uri_decoded.length() - pos) > 2) {
|
if (pos != std::string::npos && (m_uri_decoded.length() - pos) > 2) {
|
||||||
extractArguments("GET", std::string(uri_s, pos_raw + 1,
|
extractArguments("GET", std::string(uri_s, pos_raw + 1,
|
||||||
@ -496,14 +464,14 @@ int Transaction::processRequestHeaders() {
|
|||||||
*/
|
*/
|
||||||
int Transaction::addRequestHeader(const std::string& key,
|
int Transaction::addRequestHeader(const std::string& key,
|
||||||
const std::string& value) {
|
const std::string& value) {
|
||||||
m_requestHeadersNames->assign(*m_requestHeadersNames + " " + key);
|
m_variableRequestHeadersNames.append(key, 0, true);
|
||||||
|
|
||||||
this->m_collections.store("REQUEST_HEADERS:" + key, value);
|
this->m_collections.store("REQUEST_HEADERS:" + key, value);
|
||||||
|
|
||||||
std::string keyl = utils::string::tolower(key);
|
std::string keyl = utils::string::tolower(key);
|
||||||
if (keyl == "authorization") {
|
if (keyl == "authorization") {
|
||||||
std::vector<std::string> type = utils::string::split(value, ' ');
|
std::vector<std::string> type = utils::string::split(value, ' ');
|
||||||
this->m_collections.store("AUTH_TYPE", type[0]);
|
m_variableAuthType.set(type[0], m_variableOffset);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (keyl == "cookie") {
|
if (keyl == "cookie") {
|
||||||
@ -535,18 +503,18 @@ int Transaction::addRequestHeader(const std::string& key,
|
|||||||
std::string l = utils::string::tolower(value);
|
std::string l = utils::string::tolower(value);
|
||||||
if (l.compare(0, multipart.length(), multipart) == 0) {
|
if (l.compare(0, multipart.length(), multipart) == 0) {
|
||||||
this->m_requestBodyType = MultiPartRequestBody;
|
this->m_requestBodyType = MultiPartRequestBody;
|
||||||
m_collections.store("REQBODY_PROCESSOR", "MULTIPART");
|
m_variableReqbodyProcessor.set("MULTIPART", m_variableOffset);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (l == "application/x-www-form-urlencoded") {
|
if (l == "application/x-www-form-urlencoded") {
|
||||||
this->m_requestBodyType = WWWFormUrlEncoded;
|
this->m_requestBodyType = WWWFormUrlEncoded;
|
||||||
m_collections.store("REQBODY_PROCESSOR", "URLENCODED");
|
m_variableReqbodyProcessor.set("URLENCODED", m_variableOffset);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (keyl == "host") {
|
if (keyl == "host") {
|
||||||
std::vector<std::string> host = utils::string::split(value, ':');
|
std::vector<std::string> host = utils::string::split(value, ':');
|
||||||
m_collections.store("SERVER_NAME", host[0]);
|
m_variableServerName.set(host[0], m_variableOffset);
|
||||||
}
|
}
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -637,8 +605,8 @@ int Transaction::processRequestBody() {
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (m_collections.resolveFirst("INBOUND_DATA_ERROR") == NULL) {
|
if (m_variableInboundDataError.m_value.empty() == true) {
|
||||||
m_collections.store("INBOUND_DATA_ERROR", "0");
|
m_variableInboundDataError.set("0", m_variableOffset);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -658,15 +626,15 @@ int Transaction::processRequestBody() {
|
|||||||
m_xml->complete(&error);
|
m_xml->complete(&error);
|
||||||
}
|
}
|
||||||
if (error.empty() == false) {
|
if (error.empty() == false) {
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR", "1");
|
m_variableReqbodyError.set("1", m_variableOffset);
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "1");
|
m_variableReqbodyErrorMsg.set("XML parsing error: " + error,
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR_MSG",
|
m_variableOffset);
|
||||||
"XML parsing error: " + error);
|
m_variableReqbodyProcessorErrorMsg.set("XML parsing error: " \
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR_MSG",
|
+ error, m_variableOffset);
|
||||||
"XML parsing error: " + error);
|
m_variableReqbodyProcessorError.set("1", m_variableOffset);
|
||||||
} else {
|
} else {
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR", "0");
|
m_variableReqbodyError.set("1", m_variableOffset);
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "0");
|
m_variableReqbodyProcessorError.set("0", m_variableOffset);
|
||||||
}
|
}
|
||||||
} else if (m_requestBodyProcessor == JSONRequestBody) {
|
} else if (m_requestBodyProcessor == JSONRequestBody) {
|
||||||
std::string error;
|
std::string error;
|
||||||
@ -677,15 +645,15 @@ int Transaction::processRequestBody() {
|
|||||||
m_json->complete(&error);
|
m_json->complete(&error);
|
||||||
}
|
}
|
||||||
if (error.empty() == false) {
|
if (error.empty() == false) {
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR", "1");
|
m_variableReqbodyError.set("1", m_variableOffset);
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "1");
|
m_variableReqbodyProcessorError.set("1", m_variableOffset);
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR_MSG",
|
m_variableReqbodyErrorMsg.set("XML parsing error: " + error,
|
||||||
"XML parsing error: " + error);
|
m_variableOffset);
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR_MSG",
|
m_variableReqbodyProcessorErrorMsg.set("XML parsing error: " \
|
||||||
"XML parsing error: " + error);
|
+ error, m_variableOffset);
|
||||||
} else {
|
} else {
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR", "0");
|
m_variableReqbodyError.set("0", m_variableOffset);
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "0");
|
m_variableReqbodyProcessorError.set("0", m_variableOffset);
|
||||||
}
|
}
|
||||||
} else if (m_requestBodyType == MultiPartRequestBody) {
|
} else if (m_requestBodyType == MultiPartRequestBody) {
|
||||||
std::string error;
|
std::string error;
|
||||||
@ -700,15 +668,15 @@ int Transaction::processRequestBody() {
|
|||||||
m.multipart_complete(&error);
|
m.multipart_complete(&error);
|
||||||
}
|
}
|
||||||
if (error.empty() == false) {
|
if (error.empty() == false) {
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR", "1");
|
m_variableReqbodyError.set("1", m_variableOffset);
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "1");
|
m_variableReqbodyProcessorError.set("1", m_variableOffset);
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR_MSG",
|
m_variableReqbodyErrorMsg.set("Multipart parsing error: " + error,
|
||||||
"Multipart parsing error: " + error);
|
m_variableOffset);
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR_MSG",
|
m_variableReqbodyProcessorErrorMsg.set("Multipart parsing " \
|
||||||
"Multipart parsing error: " + error);
|
"error: " + error, m_variableOffset);
|
||||||
} else {
|
} else {
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR", "0");
|
m_variableReqbodyError.set("0", m_variableOffset);
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "0");
|
m_variableReqbodyProcessorError.set("0", m_variableOffset);
|
||||||
}
|
}
|
||||||
} else if (m_requestBodyType == WWWFormUrlEncoded) {
|
} else if (m_requestBodyType == WWWFormUrlEncoded) {
|
||||||
extractArguments("POST", m_requestBody.str());
|
extractArguments("POST", m_requestBody.str());
|
||||||
@ -720,15 +688,15 @@ int Transaction::processRequestBody() {
|
|||||||
if (a != NULL && a->empty() == false) {
|
if (a != NULL && a->empty() == false) {
|
||||||
error.assign(*a);
|
error.assign(*a);
|
||||||
}
|
}
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR", "1");
|
m_variableReqbodyError.set("1", m_variableOffset);
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "1");
|
m_variableReqbodyProcessorError.set("1", m_variableOffset);
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR_MSG",
|
m_variableReqbodyErrorMsg.set("Unknown request body processor: " \
|
||||||
"Unknown request body processor: " + error);
|
+ error, m_variableOffset);
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR_MSG",
|
m_variableReqbodyProcessorErrorMsg.set("Unknown request body " \
|
||||||
"Unknown request body processor: " + error);
|
"processor: " + error, m_variableOffset);
|
||||||
} else {
|
} else {
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_ERROR", "0");
|
m_variableReqbodyError.set("0", m_variableOffset);
|
||||||
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "0");
|
m_variableReqbodyProcessorError.set("0", m_variableOffset);
|
||||||
}
|
}
|
||||||
|
|
||||||
#if 1
|
#if 1
|
||||||
@ -774,14 +742,15 @@ int Transaction::processRequestBody() {
|
|||||||
|
|
||||||
fullRequest = fullRequest + "\n\n";
|
fullRequest = fullRequest + "\n\n";
|
||||||
fullRequest = fullRequest + m_requestBody.str();
|
fullRequest = fullRequest + m_requestBody.str();
|
||||||
m_collections.store("FULL_REQUEST", fullRequest);
|
m_variableFullRequest.set(fullRequest, m_variableOffset);
|
||||||
m_collections.store("FULL_REQUEST_LENGTH",
|
m_variableFullRequestLength.set(std::to_string(fullRequest.size()),
|
||||||
std::to_string(fullRequest.size()));
|
m_variableOffset);
|
||||||
|
|
||||||
if (m_requestBody.tellp() > 0) {
|
if (m_requestBody.tellp() > 0) {
|
||||||
m_collections.store("REQUEST_BODY", m_requestBody.str());
|
m_variableRequestBody.set(m_requestBody.str(), m_variableOffset);
|
||||||
m_collections.store("REQUEST_BODY_LENGTH",
|
m_variableRequestBodyLength.set(std::to_string(
|
||||||
std::to_string(m_requestBody.str().size()));
|
m_requestBody.str().size()),
|
||||||
|
m_variableOffset);
|
||||||
}
|
}
|
||||||
|
|
||||||
this->m_rules->evaluate(modsecurity::RequestBodyPhase, this);
|
this->m_rules->evaluate(modsecurity::RequestBodyPhase, this);
|
||||||
@ -853,7 +822,7 @@ int Transaction::appendRequestBody(const unsigned char *buf, size_t len) {
|
|||||||
|
|
||||||
if (this->m_rules->m_requestBodyLimit.m_value > 0
|
if (this->m_rules->m_requestBodyLimit.m_value > 0
|
||||||
&& this->m_rules->m_requestBodyLimit.m_value < len + current_size) {
|
&& this->m_rules->m_requestBodyLimit.m_value < len + current_size) {
|
||||||
m_collections.store("INBOUND_DATA_ERROR", "1");
|
m_variableInboundDataError.set("1", m_variableOffset);
|
||||||
#ifndef NO_LOGS
|
#ifndef NO_LOGS
|
||||||
debug(5, "Request body is bigger than the maximum expected.");
|
debug(5, "Request body is bigger than the maximum expected.");
|
||||||
#endif
|
#endif
|
||||||
@ -913,8 +882,8 @@ int Transaction::processResponseHeaders(int code, const std::string& proto) {
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
this->m_httpCodeReturned = code;
|
this->m_httpCodeReturned = code;
|
||||||
this->m_collections.store("RESPONSE_STATUS", std::to_string(code));
|
m_variableResponseStatus.set(std::to_string(code), m_variableOffset);
|
||||||
m_collections.store("RESPONSE_PROTOCOL", proto);
|
m_variableResponseProtocol.set(proto, m_variableOffset);
|
||||||
|
|
||||||
if (m_rules->m_secRuleEngine == Rules::DisabledRuleEngine) {
|
if (m_rules->m_secRuleEngine == Rules::DisabledRuleEngine) {
|
||||||
#ifndef NO_LOGS
|
#ifndef NO_LOGS
|
||||||
@ -948,7 +917,7 @@ int Transaction::processResponseHeaders(int code, const std::string& proto) {
|
|||||||
*/
|
*/
|
||||||
int Transaction::addResponseHeader(const std::string& key,
|
int Transaction::addResponseHeader(const std::string& key,
|
||||||
const std::string& value) {
|
const std::string& value) {
|
||||||
m_responseHeadersNames->assign(*m_responseHeadersNames + " " + key);
|
m_variableResponseHeadersNames.append(key, 0, true);
|
||||||
|
|
||||||
this->m_collections.store("RESPONSE_HEADERS:" + key, value);
|
this->m_collections.store("RESPONSE_HEADERS:" + key, value);
|
||||||
|
|
||||||
@ -957,7 +926,7 @@ int Transaction::addResponseHeader(const std::string& key,
|
|||||||
// Content-Type: text/html; charset=UTF-8
|
// Content-Type: text/html; charset=UTF-8
|
||||||
std::vector<std::string> val = utils::string::split(value, ';');
|
std::vector<std::string> val = utils::string::split(value, ';');
|
||||||
if (val.size() > 0) {
|
if (val.size() > 0) {
|
||||||
this->m_responseContentType->assign(val[0]);
|
m_variableResponseContentType.set(val[0], 0);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return 1;
|
return 1;
|
||||||
@ -1050,10 +1019,10 @@ int Transaction::processResponseBody() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
std::set<std::string> &bi = this->m_rules->m_responseBodyTypeToBeInspected;
|
std::set<std::string> &bi = this->m_rules->m_responseBodyTypeToBeInspected;
|
||||||
auto t = bi.find(*m_responseContentType);
|
auto t = bi.find(m_variableResponseContentType.m_value);
|
||||||
if (t == bi.end() && bi.empty() == false) {
|
if (t == bi.end() && bi.empty() == false) {
|
||||||
#ifndef NO_LOGS
|
#ifndef NO_LOGS
|
||||||
debug(5, "Response Content-Type is " + *m_responseContentType + \
|
debug(5, "Response Content-Type is " + m_variableResponseContentType.m_value + \
|
||||||
". It is not marked to be inspected.");
|
". It is not marked to be inspected.");
|
||||||
std::string validContetTypes("");
|
std::string validContetTypes("");
|
||||||
for (std::set<std::string>::iterator i = bi.begin();
|
for (std::set<std::string>::iterator i = bi.begin();
|
||||||
@ -1064,13 +1033,12 @@ int Transaction::processResponseBody() {
|
|||||||
#endif
|
#endif
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
if (m_collections.resolveFirst("OUTBOUND_DATA_ERROR") == NULL) {
|
if (m_variableOutboundDataError.m_value.empty() == true) {
|
||||||
m_collections.store("OUTBOUND_DATA_ERROR", "0");
|
m_variableOutboundDataError.set("0", m_variableOffset);
|
||||||
}
|
}
|
||||||
|
|
||||||
m_collections.store("RESPONSE_BODY", m_responseBody.str());
|
m_variableResponseBody.set(m_responseBody.str(), m_variableOffset);
|
||||||
m_collections.store("RESPONSE_CONTENT_LENGTH",
|
m_variableResponseContentLength.set(std::to_string(m_responseBody.str().size()), m_variableOffset);
|
||||||
std::to_string(m_responseBody.str().size()));
|
|
||||||
|
|
||||||
this->m_rules->evaluate(modsecurity::ResponseBodyPhase, this);
|
this->m_rules->evaluate(modsecurity::ResponseBodyPhase, this);
|
||||||
return true;
|
return true;
|
||||||
@ -1099,11 +1067,11 @@ int Transaction::appendResponseBody(const unsigned char *buf, size_t len) {
|
|||||||
int current_size = this->m_responseBody.tellp();
|
int current_size = this->m_responseBody.tellp();
|
||||||
|
|
||||||
std::set<std::string> &bi = this->m_rules->m_responseBodyTypeToBeInspected;
|
std::set<std::string> &bi = this->m_rules->m_responseBodyTypeToBeInspected;
|
||||||
auto t = bi.find(*m_responseContentType);
|
auto t = bi.find(m_variableResponseContentType.m_value);
|
||||||
if (t == bi.end() && bi.empty() == false) {
|
if (t == bi.end() && bi.empty() == false) {
|
||||||
#ifndef NO_LOGS
|
#ifndef NO_LOGS
|
||||||
debug(4, "Not appending response body. " \
|
debug(4, "Not appending response body. " \
|
||||||
"Response Content-Type is " + *m_responseContentType + \
|
"Response Content-Type is " + m_variableResponseContentType.m_value + \
|
||||||
". It is not marked to be inspected.");
|
". It is not marked to be inspected.");
|
||||||
#endif
|
#endif
|
||||||
return true;
|
return true;
|
||||||
@ -1117,7 +1085,7 @@ int Transaction::appendResponseBody(const unsigned char *buf, size_t len) {
|
|||||||
|
|
||||||
if (this->m_rules->m_responseBodyLimit.m_value > 0
|
if (this->m_rules->m_responseBodyLimit.m_value > 0
|
||||||
&& this->m_rules->m_responseBodyLimit.m_value < len + current_size) {
|
&& this->m_rules->m_responseBodyLimit.m_value < len + current_size) {
|
||||||
m_collections.store("OUTBOUND_DATA_ERROR", "1");
|
m_variableOutboundDataError.set("1", m_variableOffset);
|
||||||
#ifndef NO_LOGS
|
#ifndef NO_LOGS
|
||||||
debug(5, "Response body is bigger than the maximum expected.");
|
debug(5, "Response body is bigger than the maximum expected.");
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
@ -38,7 +38,7 @@ class XML : public Variable {
|
|||||||
|
|
||||||
void evaluateInternal(Transaction *transaction,
|
void evaluateInternal(Transaction *transaction,
|
||||||
Rule *rule,
|
Rule *rule,
|
||||||
std::vector<const collection::Variable *> *l) override;
|
std::vector<const collection::Variable *> *l);
|
||||||
std::string m_plain;
|
std::string m_plain;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user