github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-10-05 22:09:25 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds support to ARGS_GET_NAMES variable

Browse Source
This commit is contained in:
Felipe Zimmerle
2015-07-14 15:20:14 -03:00
parent e7ec09623d
commit f0624bb089
3 changed files with 94 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
headers/modsecurity/assay.h
View File

@@ -175,6 +175,7 @@ class Assay {
std::string *m_namesArgs; std::string *m_namesArgs;
std::string *m_namesArgsPost; std::string *m_namesArgsPost;
std::string *m_namesArgsGet;
std::string m_namesResponse; std::string m_namesResponse;
std::string m_namesRequest; std::string m_namesRequest;
double m_ARGScombinedSize; double m_ARGScombinedSize;

8
src/assay.cc
View File

@@ -94,6 +94,7 @@ Assay::Assay(ModSecurity *ms, Rules *rules)
m_ARGScombinedSizeStr(NULL), m_ARGScombinedSizeStr(NULL),
m_namesArgs(NULL), m_namesArgs(NULL),
m_namesArgsPost(NULL), m_namesArgsPost(NULL),
m_namesArgsGet(NULL),
m_ms(ms) { m_ms(ms) {
id = std::to_string(this->timeStamp) + \ id = std::to_string(this->timeStamp) + \
std::to_string(generate_assay_unique_id()); std::to_string(generate_assay_unique_id());
@@ -105,6 +106,8 @@ Assay::Assay(ModSecurity *ms, Rules *rules)
this->m_namesArgs = resolve_variable_first("ARGS_NAMES"); this->m_namesArgs = resolve_variable_first("ARGS_NAMES");
store_variable("ARGS_POST_NAMES", std::string("")); store_variable("ARGS_POST_NAMES", std::string(""));
this->m_namesArgsPost = resolve_variable_first("ARGS_POST_NAMES"); this->m_namesArgsPost = resolve_variable_first("ARGS_POST_NAMES");
store_variable("ARGS_GET_NAMES", std::string(""));
this->m_namesArgsGet = resolve_variable_first("ARGS_GET_NAMES");
this->debug(4, "Initialising transaction"); this->debug(4, "Initialising transaction");
} }
@@ -231,6 +234,11 @@ int Assay::processURI(const char *uri, const char *protocol,
} else { } else {
m_namesArgs->assign(*m_namesArgs + " " + key_value[0]); m_namesArgs->assign(*m_namesArgs + " " + key_value[0]);
} }
if (m_namesArgsGet->empty()) {
m_namesArgsGet->assign(key_value[0]);
} else {
m_namesArgsGet->assign(*m_namesArgsGet + " " + key_value[0]);
}
this->m_ARGScombinedSize = this->m_ARGScombinedSize + \ this->m_ARGScombinedSize = this->m_ARGScombinedSize + \
key_value[0].length() + key_value[1].length(); key_value[0].length() + key_value[1].length();

85
test/test-cases/regression/variable-ARGS_GET_NAMES.json Normal file
View File

@@ -0,0 +1,85 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: ARGS_GET_NAMES (1/2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"protocol":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"key key\""
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecRule ARGS_GET_NAMES \"@contains test \" \"pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: ARGS_GET_NAMES (2/2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"protocol":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"key key\""
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecRule ARGS_GET_NAMES \"@contains test \" \"pass,t:trim\""
]
}
]