Accepts phases with its name instead of a number

Felipe Zimmerle
2015-09-02 15:17:47 -03:00
parent 035040cd13
commit ea4cd53221
5 changed files with 116 additions and 4 deletions


@@ -20,6 +20,7 @@
#include "modsecurity/assay.h"
#include "src/rule.h"
#include "src/utils.h"
#include "modsecurity/modsecurity.h"
namespace ModSecurity {
@@ -30,7 +31,25 @@ Phase::Phase(std::string action)
this->action_kind = ConfigurationKind;
std::string a = action;
a.erase(0, 6);
this->phase = std::stoi(a);
if (a.at(0) == '\'') {
a.erase(0, 1);
a.pop_back();
}
try {
this->phase = std::stoi(a);
} catch (...) {
this->phase = 0;
if (tolower(a) == "request") {
this->phase = this->phase + ModSecurity::Phases::RequestHeadersPhase;
}
if (tolower(a) == "response") {
this->phase = this->phase + ModSecurity::Phases::ResponseBodyPhase;
}
if (tolower(a) == "logging") {
this->phase = this->phase + ModSecurity::Phases::LoggingPhase;
}
}
if (this->phase == 0) {
/* Phase 0 is something new, we want to use as ConnectionPhase */
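Review bot: The `catch (...)` around `std::stoi(a)` turns every parse failure into `this->phase = 0`, and the check that follows treats 0 as the connection phase, so a value such as `phase:99999999999` (accepted by the `[0-9]+` in the new ACTION_PHASE lexer pattern, and an `std::out_of_range` for `std::stoi`) silently moves the rule to another phase instead of being rejected. Catch `std::invalid_argument` for the name lookup only, and give an unrecognised name or an out-of-range number a value that cannot be mistaken for a valid phase, so that the `NUMBER_OF_PHASES` check in `Driver::addSecRule` reports it. Separately, `request` maps to `RequestHeadersPhase` while `response` maps to `ResponseBodyPhase`; ModSecurity 2.x documents `request` as an alias for phase 2 (request body), so rules that rely on body inspection would probably run before the body is available, which is worth confirming against the enum. The constructor body continues past the end of this hunk, so how the value is remapped afterwards is not visible here.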


@@ -42,8 +42,9 @@ Driver::~Driver() {
int Driver::addSecRule(Rule *rule) {
if (rule->phase >= ModSecurity::Phases::NUMBER_OF_PHASES) {
/** TODO: return an error message */
return -1;
parserError << "Unknown phase: " << std::to_string(rule->phase);
parserError << std::endl;
return false;
}
if (lastRule && lastRule->chained && lastRule->chainedRule == NULL) {
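Review bot: `return false;` in the unknown-phase branch sits in a function still declared `int Driver::addSecRule(Rule *rule)`, so the error value changes from the truthy `-1` to `0`, which is the conventional success value for an `int` status. The parser now tests `addSecRule(rule) == false`, so this only works if every remaining return path yields a non-zero value; those paths are outside this hunk and should be checked. Declaring the function as `bool addSecRule(Rule *rule)` (and updating the header) makes the contract explicit. The guard `rule->phase >= ModSecurity::Phases::NUMBER_OF_PHASES` also has no lower bound; if `phase` is a signed integer, prefixing `rule->phase < 0 ||` would reject negative values as well.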


@@ -324,6 +324,7 @@ expression:
/* variables */ $3,
/* actions */ $8
);
if (driver.addSecRule(rule) == false) {
YYERROR;
}
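Review bot: `YYERROR;` starts Bison's error recovery without calling the parser's error function, so the "Unknown phase" text that `addSecRule` writes to `parserError` reaches the user only if the driver reports that stream itself after a failed parse, which is worth confirming. The rejected `rule` is also not released in the visible lines; if it was allocated with `new` in the part of the action above this hunk and `addSecRule` did not take ownership on failure, a `delete rule;` before `YYERROR;` avoids leaking it. The grammar action starts outside the hunk.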


@@ -23,7 +23,8 @@ using ModSecurity::split;
%}
%option noyywrap nounput batch debug noinput
ACTION (?i:accuracy|allow|append|block|capture|chain|deny|deprecatevar|drop|exec|expirevar|id:[0-9]+|id:'[0-9]+'|initcol|log|maturity|multiMatch|noauditlog|nolog|pass|pause|phase:[0-9]+|prepend|proxy|redirect:[A-Z0-9_\|\&\:\/\/\.]+|sanitiseArg|sanitiseMatched|sanitiseMatchedBytes|sanitiseRequestHeader|sanitiseResponseHeader|setuid|setrsc|setsid|setenv|skip|skipAfter|status:[0-9]+|ver|xmlns)
ACTION (?i:accuracy|allow|append|block|capture|chain|deny|deprecatevar|drop|exec|expirevar|id:[0-9]+|id:'[0-9]+'|initcol|log|maturity|multiMatch|noauditlog|nolog|pass|pause|prepend|proxy|redirect:[A-Z0-9_\|\&\:\/\/\.]+|sanitiseArg|sanitiseMatched|sanitiseMatchedBytes|sanitiseRequestHeader|sanitiseResponseHeader|setuid|setrsc|setsid|setenv|skip|skipAfter|status:[0-9]+|ver|xmlns)
ACTION_PHASE ((?i:phase:(?i:REQUEST|RESPONSE|LOGGING|[0-9]+))|(?i:phase:'(?i:REQUEST|RESPONSE|LOGGING|[0-9]+)'))
ACTION_AUDIT_LOG (?i:auditlog)
ACTION_SEVERITY (?i:severity)
ACTION_SEVERITY_VALUE (?i:(EMERGENCY|ALERT|CRITICAL|ERROR|WARNING|NOTICE|INFO|DEBUG)|[0-9]+)
@@ -248,6 +249,7 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
}
{ACTION} { return yy::seclang_parser::make_ACTION(yytext, *driver.loc.back()); }
{ACTION_PHASE} { return yy::seclang_parser::make_ACTION(yytext, *driver.loc.back()); }
{ACTION_AUDIT_LOG} { return yy::seclang_parser::make_ACTION_AUDIT_LOG(yytext, *driver.loc.back()); }
{ACTION_SEVERITY}:{ACTION_SEVERITY_VALUE} { return yy::seclang_parser::make_ACTION_SEVERITY(yytext + 9, *driver.loc.back()); }
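Review bot: ACTION_PHASE spells the value list `REQUEST|RESPONSE|LOGGING|[0-9]+` twice, once bare and once quoted, and the inner `(?i:` groups are redundant inside the outer one. Following the ACTION_SEVERITY_VALUE definition a few lines below, a named definition `ACTION_PHASE_VALUE (?i:REQUEST|RESPONSE|LOGGING|[0-9]+)` used as `ACTION_PHASE (?i:phase:({ACTION_PHASE_VALUE}|'{ACTION_PHASE_VALUE}'))` keeps both forms in sync when an alias is added. A one-line comment above it, saying that the token is still returned through `make_ACTION` and that the quotes and the name are decoded later in the Phase constructor, would make the split from ACTION easier to follow.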