Adds parser support to ctl:[auditEngine|ruleEngine]

Felipe Zimmerle
2015-09-09 17:39:54 -03:00
parent ec6a5a0cd2
commit ee8b886371
2 changed files with 34 additions and 4 deletions


@@ -230,9 +230,11 @@ using ModSecurity::Variables::Variable;
%token <std::string> ACTION_REV %token <std::string> ACTION_REV
%token <std::string> LOG_DATA %token <std::string> LOG_DATA
%token <std::string> TRANSFORMATION %token <std::string> TRANSFORMATION
%token <std::string> ACTION_CTL_BDY_XML %token <std::string> ACTION_CTL_AUDIT_ENGINE
%token <std::string> ACTION_CTL_BDY_JSON
%token <std::string> ACTION_CTL_AUDIT_LOG_PARTS %token <std::string> ACTION_CTL_AUDIT_LOG_PARTS
%token <std::string> ACTION_CTL_BDY_JSON
%token <std::string> ACTION_CTL_BDY_XML
%token <std::string> ACTION_CTL_RULE_ENGINE
%type <std::vector<Action *> *> actions %type <std::vector<Action *> *> actions
%type <std::vector<Variable *> *> variables %type <std::vector<Variable *> *> variables
@@ -751,6 +753,30 @@ act:
{ {
$$ = new CtlAuditLogParts($1); $$ = new CtlAuditLogParts($1);
} }
| ACTION_CTL_RULE_ENGINE CONFIG_VALUE_ON
{
$$ = Action::instantiate($1);
}
| ACTION_CTL_RULE_ENGINE CONFIG_VALUE_OFF
{
$$ = Action::instantiate($1);
}
| ACTION_CTL_RULE_ENGINE CONFIG_VALUE_DETC
{
$$ = Action::instantiate($1);
}
| ACTION_CTL_AUDIT_ENGINE CONFIG_VALUE_ON
{
$$ = Action::instantiate($1);
}
| ACTION_CTL_AUDIT_ENGINE CONFIG_VALUE_OFF
{
$$ = Action::instantiate($1);
}
| ACTION_CTL_AUDIT_ENGINE CONFIG_VALUE_RELEVANT_ONLY
{
$$ = Action::instantiate($1);
}
; ;
actions: actions:
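Review bot: All six new alternatives under `act:` build the action from `$1` alone, so the value token (`CONFIG_VALUE_ON`, `CONFIG_VALUE_OFF`, `CONFIG_VALUE_DETC`, `CONFIG_VALUE_RELEVANT_ONLY`) is matched and then discarded. As written, `ctl:ruleEngine=Off` and `ctl:ruleEngine=On` produce the same object. Because these actions switch enforcement or audit logging for a transaction, a clean parse gives the rule author no indication of whether the requested mode will be applied. Either carry the value into the action, as the `CtlAuditLogParts($1)` alternative above does with its argument, or state the limitation in place with a comment such as `/* TODO: value ($2) is parsed but not yet applied */`. The `act:` rule begins outside this hunk, so how `Action::instantiate` treats the name is not visible here.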


@@ -34,9 +34,11 @@ ACTION_SETVAR (?i:setvar)
ACTION_MSG (?i:msg) ACTION_MSG (?i:msg)
ACTION_TAG (?i:tag) ACTION_TAG (?i:tag)
ACTION_REV (?i:rev) ACTION_REV (?i:rev)
ACTION_CTL_BDY_XML (?i:ctl:requestBodyProcessor=XML) ACTION_CTL_BDY_XML (?i:ctl:requestBodyProcessor=XML)
ACTION_CTL_BDY_JSON (?i:ctl:requestBodyProcessor=JSON) ACTION_CTL_BDY_JSON (?i:ctl:requestBodyProcessor=JSON)
ACTION_CTL_AUDIT_LOG_PARTS (?i:ctl:auditLogParts) ACTION_CTL_AUDIT_LOG_PARTS (?i:ctl:auditLogParts)
ACTION_CTL_RULE_ENGINE (?i:ctl:ruleEngine)
ACTION_CTL_AUDIT_ENGINE (?i:ctl:auditEngine)
DIRECTIVE (?i:SecRule) DIRECTIVE (?i:SecRule)
LOG_DATA (?i:logdata) LOG_DATA (?i:logdata)
@@ -177,6 +179,8 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
{CONFIG_DIR_AUDIT_STS}[ ]["]{FREE_TEXT}["] { return yy::seclang_parser::make_CONFIG_DIR_AUDIT_STS(strchr(yytext, ' ') + 1, *driver.loc.back()); } {CONFIG_DIR_AUDIT_STS}[ ]["]{FREE_TEXT}["] { return yy::seclang_parser::make_CONFIG_DIR_AUDIT_STS(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_TPE} { return yy::seclang_parser::make_CONFIG_DIR_AUDIT_TPE(yytext, *driver.loc.back()); } {CONFIG_DIR_AUDIT_TPE} { return yy::seclang_parser::make_CONFIG_DIR_AUDIT_TPE(yytext, *driver.loc.back()); }
{ACTION_CTL_AUDIT_LOG_PARTS}=[+|-]{AUDIT_PARTS} { return yy::seclang_parser::make_ACTION_CTL_AUDIT_LOG_PARTS(yytext, *driver.loc.back()); } {ACTION_CTL_AUDIT_LOG_PARTS}=[+|-]{AUDIT_PARTS} { return yy::seclang_parser::make_ACTION_CTL_AUDIT_LOG_PARTS(yytext, *driver.loc.back()); }
{ACTION_CTL_RULE_ENGINE}= { return yy::seclang_parser::make_ACTION_CTL_RULE_ENGINE(yytext, *driver.loc.back()); }
{ACTION_CTL_AUDIT_ENGINE}= { return yy::seclang_parser::make_ACTION_CTL_AUDIT_ENGINE(yytext, *driver.loc.back()); }
%{ /* Debug log entries */ %} %{ /* Debug log entries */ %}
{CONFIG_DIR_DEBUG_LOG}[ ]{CONFIG_VALUE_PATH} { return yy::seclang_parser::make_CONFIG_DIR_DEBUG_LOG(strchr(yytext, ' ') + 1, *driver.loc.back()); } {CONFIG_DIR_DEBUG_LOG}[ ]{CONFIG_VALUE_PATH} { return yy::seclang_parser::make_CONFIG_DIR_DEBUG_LOG(strchr(yytext, ' ') + 1, *driver.loc.back()); }
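Review bot: The new `{ACTION_CTL_RULE_ENGINE}=` and `{ACTION_CTL_AUDIT_ENGINE}=` rules pass `yytext` to the parser verbatim, so the token text keeps the trailing `=` and whatever letter case the rule author typed, since both definitions are `(?i:...)`. If the consumer of that string compares it by exact match (not visible on this page), a spelling such as `CTL:RuleEngine=` may not be recognised as the same action. Unlike the `{ACTION_CTL_AUDIT_LOG_PARTS}=[+|-]{AUDIT_PARTS}` rule just above, the value is not part of the match, which is worth saying in the file's own comment style: `%{ /* ctl:ruleEngine, ctl:auditEngine: the value is scanned as a separate CONFIG_VALUE_* token */ %}`.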