github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 11:44:32 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds first PoC for the operator offset feature

Browse Source
This commit is contained in:
Felipe Zimmerle
2017-01-19 14:34:48 -03:00
committed by Felipe Zimmerle
parent 9a8fc3116a
commit ecbf292f6d
89 changed files with 2908 additions and 105 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/operators/contains_word.cc
View File

@@ -19,6 +19,7 @@
#include "src/operators/operator.h"
#include "src/macro_expansion.h"
#include "modsecurity/rule_message.h"
namespace modsecurity {
namespace operators {
@@ -36,8 +37,8 @@ bool ContainsWord::acceptableChar(const std::string& a, size_t pos) {
return true;
}
bool ContainsWord::evaluate(Transaction *transaction,
const std::string& input) {
bool ContainsWord::evaluate(Transaction *transaction, Rule *rule,
const std::string &input, RuleMessage *ruleMessage) {
std::string paramTarget = MacroExpansion::expand(m_param, transaction);
if (paramTarget.empty()) {
@@ -53,14 +54,17 @@ bool ContainsWord::evaluate(Transaction *transaction,
size_t pos = input.find(paramTarget);
while (pos != std::string::npos) {
if (pos == 0 && acceptableChar(input, paramTarget.size())) {
logOffset(ruleMessage, 0, paramTarget.size());
return true;
}
if (pos + paramTarget.size() == input.size() &&
acceptableChar(input, pos - 1)) {
logOffset(ruleMessage, pos, paramTarget.size());
return true;
}
if (acceptableChar(input, pos - 1) &&
acceptableChar(input, pos + paramTarget.size())) {
logOffset(ruleMessage, pos, paramTarget.size());
return true;
}
pos = input.find(paramTarget, pos + 1);