github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity

Using RunTimeString on setvar action

Browse Source
This commit is contained in:
Felipe Zimmerle 2018-01-27 21:34:39 -03:00
parent a6830c76f2
commit f17af95728
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
14 changed files with 7697 additions and 6942 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

139
src/actions/set_var.cc
View File

@ -24,99 +24,64 @@
#include "modsecurity/rule.h"
#include "src/macro_expansion.h"
#include "src/utils/string.h"
#include "src/variables/global.h"
#include "src/variables/ip.h"
#include "src/variables/resource.h"
#include "src/variables/session.h"
#include "src/variables/tx.h"
#include "src/variables/user.h"
#include "src/variables/variable.h"
namespace modsecurity {
namespace actions {
bool SetVar::init(std::string *error) {
size_t pos;
if (m_variableName.empty() == false) {
pos = m_variableName.find(".");
if (pos != std::string::npos) {
m_collectionName = std::string(m_variableName, 0, pos);
m_collectionName = utils::string::toupper(m_collectionName);
m_variableName = std::string(m_variableName, pos + 1,
m_variableName.size() - (pos + 1));
} else {
error->assign("Missing the collection and/or variable name");
return false;
}
return true;
}
// Resolv operation
m_operation = setToOneOperation;
pos = m_parser_payload.find("=");
if (pos != std::string::npos) {
m_operation = setOperation;
}
pos = m_parser_payload.find("=+");
if (pos != std::string::npos) {
m_operation = sumAndSetOperation;
}
pos = m_parser_payload.find("=-");
if (pos != std::string::npos) {
m_operation = substractAndSetOperation;
}
// Collection name
pos = m_parser_payload.find(".");
if (pos != std::string::npos) {
m_collectionName = std::string(m_parser_payload, 0, pos);
m_collectionName = utils::string::toupper(m_collectionName);
} else {
error->assign("Missing the collection and/or variable name");
return false;
}
// Variable name
if (m_operation == setToOneOperation) {
m_variableName = std::string(m_parser_payload, pos + 1,
m_parser_payload.length()
- (pos + 1));
} else {
size_t pos2 = m_parser_payload.find("=");
m_variableName = std::string(m_parser_payload, pos + 1,
pos2 - (pos + 1));
if (pos2 + 2 > m_parser_payload.length()) {
m_predicate = "";
} else {
if (m_operation == setOperation) {
m_predicate = std::string(m_parser_payload, pos2 + 1,
m_parser_payload.length() - (pos2));
} else {
m_predicate = std::string(m_parser_payload, pos2 + 2,
m_parser_payload.length()
- (pos2 + 1));
}
}
}
if (m_collectionName.empty() || m_variableName.empty()) {
error->assign("Something wrong with the input format");
return false;
}
return true;
}
bool SetVar::evaluate(Rule *rule, Transaction *transm_parser_payload) {
bool SetVar::evaluate(Rule *rule, Transaction *t) {
std::string targetValue;
std::string m_variableNameExpanded = MacroExpansion::expand(m_variableName,
rule, transm_parser_payload);
std::string resolvedPre = MacroExpansion::expand(m_predicate,
rule, transm_parser_payload);
std::string resolvedPre;
if (m_string) {
resolvedPre = m_string->evaluate(t);
}
std::string m_variableNameExpanded;
std::vector<const collection::Variable *> l;
auto *v = m_variable.get();
Variables::Tx_DynamicElement *tx = dynamic_cast<Variables::Tx_DynamicElement *> (v);
Variables::Session_DynamicElement *session = dynamic_cast<Variables::Session_DynamicElement *> (v);
Variables::Ip_DynamicElement *ip = dynamic_cast<Variables::Ip_DynamicElement *> (v);
Variables::Resource_DynamicElement *resource = dynamic_cast<Variables::Resource_DynamicElement *> (v);
Variables::Global_DynamicElement *global = dynamic_cast<Variables::Global_DynamicElement *> (v);
Variables::User_DynamicElement *user = dynamic_cast<Variables::User_DynamicElement *> (v);
if (tx) {
m_variableNameExpanded = tx->m_string->evaluate(t);
} else if (session) {
m_variableNameExpanded = session->m_string->evaluate(t);
} else if (ip) {
m_variableNameExpanded = ip->m_string->evaluate(t);
} else if (resource) {
m_variableNameExpanded = resource->m_string->evaluate(t);
} else if (global) {
m_variableNameExpanded = global->m_string->evaluate(t);
} else if (user) {
m_variableNameExpanded = user->m_string->evaluate(t);
} else {
m_variableNameExpanded = m_variable->m_name;
}
if (m_operation == setOperation) {
targetValue = resolvedPre;
} else if (m_operation == setToOneOperation) {
targetValue = std::string("1");
} else if (m_operation == unsetOperation) {
transm_parser_payload->m_collections.del(m_collectionName + ":" +
//m_variable
t->m_collections.del(m_variable->m_collectionName + ":" +
m_variableNameExpanded);
goto end;
} else {
@ -130,14 +95,15 @@ bool SetVar::evaluate(Rule *rule, Transaction *transm_parser_payload) {
}
try {
std::unique_ptr<std::string> resolvedValue =
transm_parser_payload->m_collections.resolveFirst(
m_collectionName,
m_variableNameExpanded);
if (resolvedValue == NULL || resolvedValue->empty()) {
std::vector<const collection::Variable *> l;
m_variable->evaluate(t, rule, &l);
if (l.size() == 0) {
value = 0;
} else {
value = stoi(*resolvedValue);
value = stoi(l[0]->m_value);
for (auto &i : l) {
delete i;
}
}
} catch (...) {
value = 0;
@ -151,13 +117,12 @@ bool SetVar::evaluate(Rule *rule, Transaction *transm_parser_payload) {
}
#ifndef NO_LOGS
transm_parser_payload->debug(8, "Saving variable: " + m_collectionName \
t->debug(8, "Saving variable: " + m_variable->m_collectionName \
+ ":" + m_variableNameExpanded + " with value: " + targetValue);
#endif
transm_parser_payload->m_collections.storeOrUpdateFirst(m_collectionName,
m_variableNameExpanded,
transm_parser_payload->m_rules->m_secWebAppId.m_value, targetValue);
t->m_collections.storeOrUpdateFirst(m_variable->m_collectionName,
m_variableNameExpanded,
t->m_rules->m_secWebAppId.m_value, targetValue);
end:
return true;
}

33
src/actions/set_var.h
View File

@ -16,6 +16,7 @@
#include <string>
#include "modsecurity/actions/action.h"
#include "src/run_time_string.h"
#ifndef SRC_ACTIONS_SET_VAR_H_
#define SRC_ACTIONS_SET_VAR_H_
@ -41,35 +42,27 @@ enum SetVarOperation {
class SetVar : public Action {
public:
explicit SetVar(std::string action) : Action(action),
m_operation(SetVarOperation::setOperation),
m_collectionName(""),
m_variableName(""),
m_predicate("") { }
SetVar(SetVarOperation operation,
std::unique_ptr<modsecurity::Variables::Variable> variable,
std::unique_ptr<RunTimeString> predicate)
: Action("setvar"),
m_operation(operation),
m_variable(std::move(variable)),
m_string(std::move(predicate)) { }
SetVar(SetVarOperation operation,
std::string variableName,
std::string predicate) : Action("setvar"),
std::unique_ptr<modsecurity::Variables::Variable> variable)
: Action("setvar"),
m_operation(operation),
m_collectionName(""),
m_variableName(variableName),
m_predicate(predicate) { }
SetVar(SetVarOperation operation,
std::string variableName) : Action("setvar"),
m_operation(operation),
m_collectionName(""),
m_variableName(variableName),
m_predicate("") { }
m_variable(std::move(variable)) { }
bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override;
private:
SetVarOperation m_operation;
std::string m_collectionName;
std::string m_variableName;
std::string m_predicate;
std::unique_ptr<modsecurity::Variables::Variable> m_variable;
std::unique_ptr<RunTimeString> m_string;
};
} // namespace actions

3635
src/parser/seclang-parser.cc
View File

File diff suppressed because it is too large Load Diff

168
src/parser/seclang-parser.hh
View File

@ -276,6 +276,7 @@ class Driver;
#include "src/variables/tx.h"
#include "src/variables/unique_id.h"
#include "src/variables/url_encoded_error.h"
#include "src/variables/user.h"
#include "src/variables/user_id.h"
#include "src/variables/variable.h"
#include "src/variables/xml.h"
@ -377,7 +378,7 @@ using modsecurity::operators::Operator;
#line 381 "seclang-parser.hh" // lalr1.cc:377
#line 382 "seclang-parser.hh" // lalr1.cc:377
# include <cassert>
# include <cstdlib> // std::abort
@ -454,7 +455,7 @@ using modsecurity::operators::Operator;
namespace yy {
#line 458 "seclang-parser.hh" // lalr1.cc:377
#line 459 "seclang-parser.hh" // lalr1.cc:377
@ -785,13 +786,10 @@ namespace yy {
// "RUN_TIME_VAR_TIME_SEC"
// "RUN_TIME_VAR_TIME_WDAY"
// "RUN_TIME_VAR_TIME_YEAR"
// "SETVAR_VARIABLE_PART"
// "SETVAR_CONTENT_PART"
// "VARIABLE"
// "Dictionary element"
// "Dictionary element, selected by regexp"
// setvar_variable
// setvar_content
char dummy1[sizeof(std::string)];
// op
@ -1141,11 +1139,10 @@ namespace yy {
TOK_RUN_TIME_VAR_TIME_SEC = 558,
TOK_RUN_TIME_VAR_TIME_WDAY = 559,
TOK_RUN_TIME_VAR_TIME_YEAR = 560,
TOK_SETVAR_VARIABLE_PART = 561,
TOK_SETVAR_CONTENT_PART = 562,
TOK_VARIABLE = 563,
TOK_DICT_ELEMENT = 564,
TOK_DICT_ELEMENT_REGEXP = 565
TOK_SETVAR_CONTENT_PART = 561,
TOK_VARIABLE = 562,
TOK_DICT_ELEMENT = 563,
TOK_DICT_ELEMENT_REGEXP = 564
};
};
@ -2480,10 +2477,6 @@ namespace yy {
symbol_type
make_RUN_TIME_VAR_TIME_YEAR (const std::string& v, const location_type& l);
static inline
symbol_type
make_SETVAR_VARIABLE_PART (const std::string& v, const location_type& l);
static inline
symbol_type
make_SETVAR_CONTENT_PART (const std::string& v, const location_type& l);
@ -2705,12 +2698,12 @@ namespace yy {
enum
{
yyeof_ = 0,
yylast_ = 2040, ///< Last index in yytable_.
yynnts_ = 17, ///< Number of nonterminal symbols.
yyfinal_ = 293, ///< Termination state number.
yylast_ = 3071, ///< Last index in yytable_.
yynnts_ = 15, ///< Number of nonterminal symbols.
yyfinal_ = 294, ///< Termination state number.
yyterror_ = 1,
yyerrcode_ = 256,
yyntokens_ = 311 ///< Number of tokens.
yyntokens_ = 310 ///< Number of tokens.
};
@ -2783,9 +2776,9 @@ namespace yy {
275, 276, 277, 278, 279, 280, 281, 282, 283, 284,
285, 286, 287, 288, 289, 290, 291, 292, 293, 294,
295, 296, 297, 298, 299, 300, 301, 302, 303, 304,
305, 306, 307, 308, 309, 310
305, 306, 307, 308, 309
};
const unsigned int user_token_number_max_ = 565;
const unsigned int user_token_number_max_ = 564;
const token_number_type undef_token_ = 2;
if (static_cast<int>(t) <= yyeof_)
@ -2982,41 +2975,38 @@ namespace yy {
case 303: // "RUN_TIME_VAR_TIME_SEC"
case 304: // "RUN_TIME_VAR_TIME_WDAY"
case 305: // "RUN_TIME_VAR_TIME_YEAR"
case 306: // "SETVAR_VARIABLE_PART"
case 307: // "SETVAR_CONTENT_PART"
case 308: // "VARIABLE"
case 309: // "Dictionary element"
case 310: // "Dictionary element, selected by regexp"
case 325: // setvar_variable
case 326: // setvar_content
case 306: // "SETVAR_CONTENT_PART"
case 307: // "VARIABLE"
case 308: // "Dictionary element"
case 309: // "Dictionary element, selected by regexp"
value.copy< std::string > (other.value);
break;
case 317: // op
case 318: // op_before_init
case 316: // op
case 317: // op_before_init
value.copy< std::unique_ptr<Operator> > (other.value);
break;
case 327: // run_time_string
case 324: // run_time_string
value.copy< std::unique_ptr<RunTimeString> > (other.value);
break;
case 322: // var
case 321: // var
value.copy< std::unique_ptr<Variable> > (other.value);
break;
case 323: // act
case 324: // setvar_action
case 322: // act
case 323: // setvar_action
value.copy< std::unique_ptr<actions::Action> > (other.value);
break;
case 320: // variables
case 321: // variables_may_be_quoted
case 319: // variables
case 320: // variables_may_be_quoted
value.copy< std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > (other.value);
break;
case 315: // actions
case 316: // actions_may_quoted
case 314: // actions
case 315: // actions_may_quoted
value.copy< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > > > (other.value);
break;
@ -3201,41 +3191,38 @@ namespace yy {
case 303: // "RUN_TIME_VAR_TIME_SEC"
case 304: // "RUN_TIME_VAR_TIME_WDAY"
case 305: // "RUN_TIME_VAR_TIME_YEAR"
case 306: // "SETVAR_VARIABLE_PART"
case 307: // "SETVAR_CONTENT_PART"
case 308: // "VARIABLE"
case 309: // "Dictionary element"
case 310: // "Dictionary element, selected by regexp"
case 325: // setvar_variable
case 326: // setvar_content
case 306: // "SETVAR_CONTENT_PART"
case 307: // "VARIABLE"
case 308: // "Dictionary element"
case 309: // "Dictionary element, selected by regexp"
value.copy< std::string > (v);
break;
case 317: // op
case 318: // op_before_init
case 316: // op
case 317: // op_before_init
value.copy< std::unique_ptr<Operator> > (v);
break;
case 327: // run_time_string
case 324: // run_time_string
value.copy< std::unique_ptr<RunTimeString> > (v);
break;
case 322: // var
case 321: // var
value.copy< std::unique_ptr<Variable> > (v);
break;
case 323: // act
case 324: // setvar_action
case 322: // act
case 323: // setvar_action
value.copy< std::unique_ptr<actions::Action> > (v);
break;
case 320: // variables
case 321: // variables_may_be_quoted
case 319: // variables
case 320: // variables_may_be_quoted
value.copy< std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > (v);
break;
case 315: // actions
case 316: // actions_may_quoted
case 314: // actions
case 315: // actions_may_quoted
value.copy< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > > > (v);
break;
@ -3493,41 +3480,38 @@ namespace yy {
case 303: // "RUN_TIME_VAR_TIME_SEC"
case 304: // "RUN_TIME_VAR_TIME_WDAY"
case 305: // "RUN_TIME_VAR_TIME_YEAR"
case 306: // "SETVAR_VARIABLE_PART"
case 307: // "SETVAR_CONTENT_PART"
case 308: // "VARIABLE"
case 309: // "Dictionary element"
case 310: // "Dictionary element, selected by regexp"
case 325: // setvar_variable
case 326: // setvar_content
case 306: // "SETVAR_CONTENT_PART"
case 307: // "VARIABLE"
case 308: // "Dictionary element"
case 309: // "Dictionary element, selected by regexp"
value.template destroy< std::string > ();
break;
case 317: // op
case 318: // op_before_init
case 316: // op
case 317: // op_before_init
value.template destroy< std::unique_ptr<Operator> > ();
break;
case 327: // run_time_string
case 324: // run_time_string
value.template destroy< std::unique_ptr<RunTimeString> > ();
break;
case 322: // var
case 321: // var
value.template destroy< std::unique_ptr<Variable> > ();
break;
case 323: // act
case 324: // setvar_action
case 322: // act
case 323: // setvar_action
value.template destroy< std::unique_ptr<actions::Action> > ();
break;
case 320: // variables
case 321: // variables_may_be_quoted
case 319: // variables
case 320: // variables_may_be_quoted
value.template destroy< std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > ();
break;
case 315: // actions
case 316: // actions_may_quoted
case 314: // actions
case 315: // actions_may_quoted
value.template destroy< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > > > ();
break;
@ -3718,41 +3702,38 @@ namespace yy {
case 303: // "RUN_TIME_VAR_TIME_SEC"
case 304: // "RUN_TIME_VAR_TIME_WDAY"
case 305: // "RUN_TIME_VAR_TIME_YEAR"
case 306: // "SETVAR_VARIABLE_PART"
case 307: // "SETVAR_CONTENT_PART"
case 308: // "VARIABLE"
case 309: // "Dictionary element"
case 310: // "Dictionary element, selected by regexp"
case 325: // setvar_variable
case 326: // setvar_content
case 306: // "SETVAR_CONTENT_PART"
case 307: // "VARIABLE"
case 308: // "Dictionary element"
case 309: // "Dictionary element, selected by regexp"
value.move< std::string > (s.value);
break;
case 317: // op
case 318: // op_before_init
case 316: // op
case 317: // op_before_init
value.move< std::unique_ptr<Operator> > (s.value);
break;
case 327: // run_time_string
case 324: // run_time_string
value.move< std::unique_ptr<RunTimeString> > (s.value);
break;
case 322: // var
case 321: // var
value.move< std::unique_ptr<Variable> > (s.value);
break;
case 323: // act
case 324: // setvar_action
case 322: // act
case 323: // setvar_action
value.move< std::unique_ptr<actions::Action> > (s.value);
break;
case 320: // variables
case 321: // variables_may_be_quoted
case 319: // variables
case 320: // variables_may_be_quoted
value.move< std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > (s.value);
break;
case 315: // actions
case 316: // actions_may_quoted
case 314: // actions
case 315: // actions_may_quoted
value.move< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > > > (s.value);
break;
@ -3841,8 +3822,7 @@ namespace yy {
525, 526, 527, 528, 529, 530, 531, 532, 533, 534,
535, 536, 537, 538, 539, 540, 541, 542, 543, 544,
545, 546, 547, 548, 549, 550, 551, 552, 553, 554,
555, 556, 557, 558, 559, 560, 561, 562, 563, 564,
565
555, 556, 557, 558, 559, 560, 561, 562, 563, 564
};
return static_cast<token_type> (yytoken_number_[type]);
}
@ -5671,12 +5651,6 @@ namespace yy {
return symbol_type (token::TOK_RUN_TIME_VAR_TIME_YEAR, v, l);
}
seclang_parser::symbol_type
seclang_parser::make_SETVAR_VARIABLE_PART (const std::string& v, const location_type& l)
{
return symbol_type (token::TOK_SETVAR_VARIABLE_PART, v, l);
}
seclang_parser::symbol_type
seclang_parser::make_SETVAR_CONTENT_PART (const std::string& v, const location_type& l)
{
@ -5704,7 +5678,7 @@ namespace yy {
} // yy
#line 5708 "seclang-parser.hh" // lalr1.cc:377
#line 5682 "seclang-parser.hh" // lalr1.cc:377

90
src/parser/seclang-parser.yy
View File

@ -242,6 +242,7 @@ class Driver;
#include "src/variables/tx.h"
#include "src/variables/unique_id.h"
#include "src/variables/url_encoded_error.h"
#include "src/variables/user.h"
#include "src/variables/user_id.h"
#include "src/variables/variable.h"
#include "src/variables/xml.h"
@ -672,8 +673,6 @@ using modsecurity::operators::Operator;
RUN_TIME_VAR_TIME_SEC "RUN_TIME_VAR_TIME_SEC"
RUN_TIME_VAR_TIME_WDAY "RUN_TIME_VAR_TIME_WDAY"
RUN_TIME_VAR_TIME_YEAR "RUN_TIME_VAR_TIME_YEAR"
SETVAR_VARIABLE_PART "SETVAR_VARIABLE_PART"
SETVAR_CONTENT_PART "SETVAR_CONTENT_PART"
VARIABLE "VARIABLE"
DICT_ELEMENT "Dictionary element"
DICT_ELEMENT_REGEXP "Dictionary element, selected by regexp"
@ -682,8 +681,6 @@ using modsecurity::operators::Operator;
%type <std::unique_ptr<actions::Action>> act
%type <std::unique_ptr<actions::Action>> setvar_action
%type <std::string> setvar_variable
%type <std::string> setvar_content
%type <std::unique_ptr<RunTimeString>> run_time_string
%type <std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > > >
@ -1821,6 +1818,10 @@ var:
{
VARIABLE_CONTAINER($$, new Variables::FilesTmpNames_NoDictElement());
}
| VARIABLE_RESOURCE run_time_string
{
VARIABLE_CONTAINER($$, new Variables::Resource_DynamicElement(std::move($2)));
}
| VARIABLE_RESOURCE DICT_ELEMENT
{
VARIABLE_CONTAINER($$, new Variables::Resource_DictElement($2));
@ -1833,7 +1834,10 @@ var:
{
VARIABLE_CONTAINER($$, new Variables::Resource_NoDictElement());
}
| VARIABLE_IP run_time_string
{
VARIABLE_CONTAINER($$, new Variables::Ip_DynamicElement(std::move($2)));
}
| VARIABLE_IP DICT_ELEMENT
{
VARIABLE_CONTAINER($$, new Variables::Ip_DictElement($2));
@ -1846,7 +1850,10 @@ var:
{
VARIABLE_CONTAINER($$, new Variables::Ip_NoDictElement());
}
| VARIABLE_GLOBAL run_time_string
{
VARIABLE_CONTAINER($$, new Variables::Global_DynamicElement(std::move($2)));
}
| VARIABLE_GLOBAL DICT_ELEMENT
{
VARIABLE_CONTAINER($$, new Variables::Global_DictElement($2));
@ -1859,7 +1866,26 @@ var:
{
VARIABLE_CONTAINER($$, new Variables::Global_NoDictElement());
}
| VARIABLE_USER run_time_string
{
VARIABLE_CONTAINER($$, new Variables::User_DynamicElement(std::move($2)));
}
| VARIABLE_USER DICT_ELEMENT
{
VARIABLE_CONTAINER($$, new Variables::User_DictElement($2));
}
| VARIABLE_USER DICT_ELEMENT_REGEXP
{
VARIABLE_CONTAINER($$, new Variables::User_DictElementRegexp($2));
}
| VARIABLE_USER
{
VARIABLE_CONTAINER($$, new Variables::User_NoDictElement());
}
| VARIABLE_TX run_time_string
{
VARIABLE_CONTAINER($$, new Variables::Tx_DynamicElement(std::move($2)));
}
| VARIABLE_TX DICT_ELEMENT
{
VARIABLE_CONTAINER($$, new Variables::Tx_DictElement($2));
@ -1872,7 +1898,10 @@ var:
{
VARIABLE_CONTAINER($$, new Variables::Tx_NoDictElement());
}
| VARIABLE_SESSION run_time_string
{
VARIABLE_CONTAINER($$, new Variables::Session_DynamicElement(std::move($2)));
}
| VARIABLE_SESSION DICT_ELEMENT
{
VARIABLE_CONTAINER($$, new Variables::Session_DictElement($2));
@ -1885,7 +1914,6 @@ var:
{
VARIABLE_CONTAINER($$, new Variables::Session_NoDictElement());
}
| VARIABLE_ARGS_NAMES DICT_ELEMENT
{
VARIABLE_CONTAINER($$, new Variables::ArgsNames_DictElement($2));
@ -2639,52 +2667,28 @@ act:
;
setvar_action:
NOT setvar_variable
NOT var
{
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::unsetOperation, $2));
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::unsetOperation, std::move($2)));
}
| setvar_variable
| var
{
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::setToOneOperation, $1));
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::setToOneOperation, std::move($1)));
}
| setvar_variable SETVAR_OPERATION_EQUALS setvar_content
| var SETVAR_OPERATION_EQUALS run_time_string
{
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::setOperation, $1, $3));
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::setOperation, std::move($1), std::move($3)));
}
| setvar_variable SETVAR_OPERATION_EQUALS_PLUS setvar_content
| var SETVAR_OPERATION_EQUALS_PLUS run_time_string
{
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::sumAndSetOperation, $1, $3));
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::sumAndSetOperation, std::move($1), std::move($3)));
}
| setvar_variable SETVAR_OPERATION_EQUALS_MINUS setvar_content
| var SETVAR_OPERATION_EQUALS_MINUS run_time_string
{
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::substractAndSetOperation, $1, $3));
ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::substractAndSetOperation, std::move($1), std::move($3)));
}
;
setvar_variable:
SETVAR_VARIABLE_PART
{
$$ = $1;
}
|
SETVAR_VARIABLE_PART setvar_variable
{
$$ = $1 + $2;
}
;
setvar_content:
SETVAR_CONTENT_PART
{
$$ = $1;
}
|
SETVAR_CONTENT_PART setvar_content
{
$$ = $1 + $2;
}
;
run_time_string:
run_time_string FREE_TEXT_QUOTE_MACRO_EXPANSION
{

10185
src/parser/seclang-scanner.cc
View File

File diff suppressed because it is too large Load Diff

190
src/parser/seclang-scanner.ll
View File

@ -24,10 +24,51 @@ static std::stack<int> YY_PREVIOUS_STATE;
# undef yywrap
# define yywrap() 1
#define BEGINX(z) { YY_PREVIOUS_STATE.push(YY_START); BEGIN(z); }
#define BEGINX(z) { \
YY_PREVIOUS_STATE.push(YY_START); \
BEGIN(z); \
}
#define BEGINX_() { \
YY_PREVIOUS_STATE.push(YY_START); \
if (YY_START == SETVAR_ACTION_NONQUOTED) { \
BEGIN(EXPECTING_VAR_PARAMETER_OR_MACRO_NONQUOTED); \
} else if (YY_START == SETVAR_ACTION_QUOTED) { \
BEGIN(EXPECTING_VAR_PARAMETER_OR_MACRO_QUOTED); \
} else { \
BEGIN(EXPECTING_VAR_PARAMETER); \
} \
}
#define BEGIN_PARAMETER() { if (YY_START == EXPECTING_OPERATOR_ENDS_WITH_SPACE) { BEGIN(TRANSITION_FROM_OP_TO_EXPECTING_PARAMETER_ENDS_WITH_SPACE); } else { BEGIN(TRANSITION_FROM_OP_TO_EXPECTING_PARAMETER_ENDS_WITH_QUOTE); } }
#define BEGIN_NO_OP_INFORMED() { if (YY_START == EXPECTING_OPERATOR_ENDS_WITH_SPACE) { BEGIN(NO_OP_INFORMED_ENDS_WITH_SPACE); } else { BEGIN(NO_OP_INFORMED_ENDS_WITH_QUOTE); } }
#define BEGIN_ACTION_OPERATION() { \
if (YY_START == SETVAR_ACTION_NONQUOTED) { \
BEGIN(SETVAR_ACTION_NONQUOTED_WAITING_OPERATION); \
} else if (YY_START == SETVAR_ACTION_QUOTED) { \
BEGIN(SETVAR_ACTION_QUOTED_WAITING_OPERATION); \
} else if (YY_START == SETVAR_ACTION_NONQUOTED_WAITING_COLLECTION_ELEM) { \
BEGIN(SETVAR_ACTION_NONQUOTED_WAITING_OPERATION); \
} else if (YY_START == SETVAR_ACTION_QUOTED_WAITING_COLLECTION_ELEM) { \
BEGIN(SETVAR_ACTION_QUOTED_WAITING_OPERATION); \
}\
}
#define BEGIN_ACTION_WAITING_CONTENT() { \
if (YY_START == SETVAR_ACTION_NONQUOTED_WAITING_OPERATION) { \
BEGIN(SETVAR_ACTION_NONQUOTED_WAITING_CONTENT); \
} else if (YY_START == SETVAR_ACTION_QUOTED_WAITING_OPERATION) { \
BEGIN(SETVAR_ACTION_QUOTED_WAITING_CONTENT); \
} else if (YY_START == EXPECTING_VAR_PARAMETER_OR_MACRO_QUOTED) { \
BEGIN(SETVAR_ACTION_QUOTED_WAITING_CONTENT); \
} else if (YY_START == EXPECTING_VAR_PARAMETER_OR_MACRO_NONQUOTED) { \
BEGIN(SETVAR_ACTION_NONQUOTED_WAITING_CONTENT); \
} \
}
#define BEGIN_PREVIOUS() { BEGIN(YY_PREVIOUS_STATE.top()); YY_PREVIOUS_STATE.pop(); }
// The location of the current token.
@ -340,9 +381,10 @@ CONGIG_DIR_SEC_COOKIE_FORMAT (?i:SecCookieFormat)
CONGIG_DIR_SEC_DATA_DIR (?i:SecDataDir)
CONGIG_DIR_SEC_STATUS_ENGINE (?i:SecStatusEngine)
CONGIG_DIR_SEC_TMP_DIR (?i:SecTmpDir)
DICT_ELEMENT ([^\"|,\n \t}]|([^\\]\\\"))+
DICT_ELEMENT_WITH_PIPE [^ \t"]+
DICT_ELEMENT_NO_PIPE [^ \|\t"]+
DICT_ELEMENT ([^\"|,\n \t}=]|([^\\]\\\"))+
DICT_ELEMENT_WITH_PIPE [^ =\t"]+
DICT_ELEMENT_NO_PIPE [^ =\|\t"]+
DICT_ELEMENT_NO_MACRO ([^\"|,%{\n \t}=]|([^\\]\\\"))+
DICT_ELEMENT_TWO [^\"\=, \t\r\n\\]*
DICT_ELEMENT_TWO_QUOTED [^\"\'\=\r\n\\]*
@ -356,6 +398,7 @@ DOUBLE_QUOTE_BUT_SCAPED (")
COMMA_BUT_SCAPED (,)
FREE_TEXT_QUOTE_MACRO_EXPANSION (([^%'])|([^\\][\\][%][{])|([^\\]([\\][\\])+[\\][%][{])|[^\\][\\][']|[^\\]([\\][\\])+[\\]['])+
FREE_TEXT_DOUBLE_QUOTE_MACRO_EXPANSION ((([^"%])|([%][^{]))|([^\\][\\][%][{])|([^\\]([\\][\\])+[\\][%][{])|[^\\][\\]["]|[^\\]([\\][\\])+[\\]["])+
FREE_TEXT_EQUALS_MACRO_EXPANSION ((([^",=%])|([%][^{]))|([^\\][\\][%][{])|([^\\]([\\][\\])+[\\][%][{])|[^\\][\\][=]|[^\\]([\\][\\])+[\\][=])+
FREE_TEXT_COMMA_MACRO_EXPANSION (([^%,])|([^\\][\\][%][{])|([^\\]([\\][\\])+[\\][%][{])|[^\\][\\][,]|[^\\]([\\][\\])+[\\][,])+
FREE_TEXT_COMMA_DOUBLE_QUOTE_MACRO_EXPANSION ((([^,"%])|([%][^{]))|([^\\][\\][%][{])|([^\\]([\\][\\])+[\\][%][{])|[^\\][\\]["]|[^\\]([\\][\\])+[\\]["])+
@ -391,7 +434,7 @@ EQUALS_MINUS (?i:=\-)
%x EXPECTING_ACTION_PREDICATE ACTION_PREDICATE_ENDS_WITH_QUOTE ACTION_PREDICATE_ENDS_WITH_DOUBLE_QUOTE ACTION_PREDICATE_ENDS_WITH_COMMA_OR_DOUBLE_QUOTE
%x COMMENT
%x TRANSITION_FROM_OP_TO_EXPECTING_PARAMETER_ENDS_WITH_QUOTE TRANSITION_FROM_OP_TO_EXPECTING_PARAMETER_ENDS_WITH_SPACE
%x EXPECTING_VAR_PARAMETER
%x EXPECTING_VAR_PARAMETER EXPECTING_VAR_PARAMETER_OR_MACRO_NONQUOTED EXPECTING_VAR_PARAMETER_OR_MACRO_QUOTED
%x EXPECTING_PARAMETER_ENDS_WITH_QUOTE EXPECTING_PARAMETER_ENDS_WITH_SPACE
%x EXPECTING_ACTIONS_ENDS_WITH_DOUBLE_QUOTE EXPECTING_ACTIONS_ONLY_ONE
%x TRANSACTION_FROM_OPERATOR_TO_ACTIONS
@ -601,61 +644,52 @@ EQUALS_MINUS (?i:=\-)
. { BEGIN(LEXING_ERROR_VARIABLE); yyless(0); }
}
<SETVAR_ACTION_NONQUOTED>{
<SETVAR_ACTION_NONQUOTED,SETVAR_ACTION_QUOTED>{
{NOT} { return p::make_NOT(*driver.loc.back()); }
{VARIABLE_TX}|{VARIABLE_SESSION}|{VARIABLE_RESOURCE}|{VARIABLE_IP}|{VARIABLE_USER}|{VARIABLE_GLOBAL}[:\.] { BEGIN(SETVAR_ACTION_NONQUOTED_WAITING_COLLECTION_ELEM); return p::make_SETVAR_VARIABLE_PART(yytext, *driver.loc.back());}
{VARIABLE_TX}|{VARIABLE_SESSION}|{VARIABLE_RESOURCE}|{VARIABLE_IP}|{VARIABLE_USER}|{VARIABLE_GLOBAL} { BEGIN(SETVAR_ACTION_NONQUOTED_WAITING_OPERATION); return p::make_SETVAR_VARIABLE_PART(yytext, *driver.loc.back());}
.|\n { BEGIN(LEXING_ERROR_ACTION); yyless(0); }
.|\n { BEGIN_ACTION_OPERATION(); yyless(0); }
}
<SETVAR_ACTION_NONQUOTED_WAITING_COLLECTION_ELEM>{
{DICT_ELEMENT_TWO} { return p::make_SETVAR_VARIABLE_PART(yytext, *driver.loc.back()); }
\\(.|\n) { return p::make_SETVAR_VARIABLE_PART(yytext + 1, *driver.loc.back()); }
.|\n { BEGIN(SETVAR_ACTION_NONQUOTED_WAITING_OPERATION); yyless(0); }
<SETVAR_ACTION_NONQUOTED_WAITING_OPERATION,SETVAR_ACTION_QUOTED_WAITING_OPERATION>{
{EQUALS_PLUS} { BEGIN_ACTION_WAITING_CONTENT(); return p::make_SETVAR_OPERATION_EQUALS_PLUS(*driver.loc.back()); }
{EQUALS_MINUS} { BEGIN_ACTION_WAITING_CONTENT(); return p::make_SETVAR_OPERATION_EQUALS_MINUS(*driver.loc.back()); }
{EQUALS} { BEGIN_ACTION_WAITING_CONTENT(); return p::make_SETVAR_OPERATION_EQUALS(*driver.loc.back()); }
}
<SETVAR_ACTION_NONQUOTED_WAITING_OPERATION>{
{EQUALS_PLUS} { BEGIN(SETVAR_ACTION_NONQUOTED_WAITING_CONTENT); return p::make_SETVAR_OPERATION_EQUALS_PLUS(*driver.loc.back()); }
{EQUALS_MINUS} { BEGIN(SETVAR_ACTION_NONQUOTED_WAITING_CONTENT); return p::make_SETVAR_OPERATION_EQUALS_MINUS(*driver.loc.back()); }
{EQUALS} { BEGIN(SETVAR_ACTION_NONQUOTED_WAITING_CONTENT); return p::make_SETVAR_OPERATION_EQUALS(*driver.loc.back()); }
.|\n { BEGIN(EXPECTING_ACTIONS_ENDS_WITH_DOUBLE_QUOTE); yyless(0);}
}
<SETVAR_ACTION_NONQUOTED_WAITING_CONTENT>{
\\(.|\n) { return p::make_SETVAR_CONTENT_PART(yytext + 1, *driver.loc.back()); }
[^,"\n\r\t \\]+ { return p::make_SETVAR_CONTENT_PART(yytext, *driver.loc.back()); }
.|\n { BEGIN(EXPECTING_ACTIONS_ENDS_WITH_DOUBLE_QUOTE); yyless(0); }
}
<SETVAR_ACTION_QUOTED>{
{NOT} { return p::make_NOT(*driver.loc.back()); }
{VARIABLE_TX}|{VARIABLE_SESSION}|{VARIABLE_RESOURCE}|{VARIABLE_IP}|{VARIABLE_USER}|{VARIABLE_GLOBAL}[:\.] { BEGIN(SETVAR_ACTION_QUOTED_WAITING_COLLECTION_ELEM); return p::make_SETVAR_VARIABLE_PART(yytext, *driver.loc.back());}
{VARIABLE_TX}|{VARIABLE_SESSION}|{VARIABLE_RESOURCE}|{VARIABLE_IP}|{VARIABLE_USER}|{VARIABLE_GLOBAL} { BEGIN(SETVAR_ACTION_QUOTED_WAITING_OPERATION); return p::make_SETVAR_VARIABLE_PART(yytext, *driver.loc.back());}
.|\n { BEGIN(LEXING_ERROR_ACTION); yyless(0); }
}
<SETVAR_ACTION_QUOTED_WAITING_COLLECTION_ELEM>{
{DICT_ELEMENT_TWO_QUOTED} { return p::make_SETVAR_VARIABLE_PART(yytext, *driver.loc.back()); }
\\(.|\n) { return p::make_SETVAR_VARIABLE_PART(yytext + 1, *driver.loc.back()); }
.|\n { BEGIN(SETVAR_ACTION_QUOTED_WAITING_OPERATION); yyless(0); }
}
<SETVAR_ACTION_QUOTED_WAITING_OPERATION>{
{EQUALS_PLUS} { BEGIN(SETVAR_ACTION_QUOTED_WAITING_CONTENT); return p::make_SETVAR_OPERATION_EQUALS_PLUS(*driver.loc.back()); }
{EQUALS_MINUS} { BEGIN(SETVAR_ACTION_QUOTED_WAITING_CONTENT); return p::make_SETVAR_OPERATION_EQUALS_MINUS(*driver.loc.back()); }
{EQUALS} { BEGIN(SETVAR_ACTION_QUOTED_WAITING_CONTENT); return p::make_SETVAR_OPERATION_EQUALS(*driver.loc.back()); }
\' { BEGIN(EXPECTING_ACTIONS_ENDS_WITH_DOUBLE_QUOTE); }
.|\n { BEGIN(LEXING_ERROR_ACTION); yyless(0); }
}
<SETVAR_ACTION_QUOTED_WAITING_CONTENT>{
\\(.|\n) { return p::make_SETVAR_CONTENT_PART(yytext + 1, *driver.loc.back()); }
[^"\'\n\r\\]* { return p::make_SETVAR_CONTENT_PART(yytext, *driver.loc.back()); }
\' { BEGIN(EXPECTING_ACTIONS_ENDS_WITH_DOUBLE_QUOTE); }
.|\n { BEGIN(LEXING_ERROR_ACTION); yyless(0); }
<SETVAR_ACTION_NONQUOTED_WAITING_CONTENT,SETVAR_ACTION_QUOTED_WAITING_CONTENT>{
{START_MACRO_VARIABLE} { BEGINX(EXPECTING_ACTION_PREDICATE_VARIABLE); }
}
<SETVAR_ACTION_NONQUOTED_WAITING_CONTENT>{
{FREE_TEXT_EQUALS_MACRO_EXPANSION} { return p::make_FREE_TEXT_QUOTE_MACRO_EXPANSION(yytext, *driver.loc.back()); }
.|\n { BEGIN(EXPECTING_ACTIONS_ENDS_WITH_DOUBLE_QUOTE); yyless(0); }
}
<SETVAR_ACTION_QUOTED_WAITING_CONTENT>{
{FREE_TEXT_EQUALS_MACRO_EXPANSION} { return p::make_FREE_TEXT_QUOTE_MACRO_EXPANSION(yytext, *driver.loc.back()); }
\' { BEGIN(EXPECTING_ACTIONS_ENDS_WITH_DOUBLE_QUOTE); }
.|\n { BEGIN(EXPECTING_ACTIONS_ENDS_WITH_DOUBLE_QUOTE); yyless(0); }
}
<FINISH_ACTIONS>{
<<EOF>> { BEGIN(INITIAL); yyless(0); p::make_NEW_LINE(*driver.loc.back()); }
. { BEGIN(INITIAL); }
@ -769,9 +803,9 @@ p::make_CONFIG_SEC_RULE_REMOVE_BY_TAG(parserSanitizer(strchr(yytext, ' ') + 1),
}
<EXPECTING_VARIABLE>{
[|] { return p::make_PIPE(*driver.loc.back()); }
[,] { return p::make_PIPE(*driver.loc.back()); }
["] { return p::make_QUOTATION_MARK(yytext, *driver.loc.back()); }
[|] { return p::make_PIPE(*driver.loc.back()); }
[,] { return p::make_PIPE(*driver.loc.back()); }
["] { return p::make_QUOTATION_MARK(yytext, *driver.loc.back()); }
{VAR_EXCLUSION} { return p::make_VAR_EXCLUSION(*driver.loc.back()); }
{VAR_COUNT} { return p::make_VAR_COUNT(*driver.loc.back()); }
}
@ -850,7 +884,6 @@ p::make_CONFIG_SEC_RULE_REMOVE_BY_TAG(parserSanitizer(strchr(yytext, ' ') + 1),
{VARIABLE_REQUEST_PROTOCOL} { return p::make_VARIABLE_REQUEST_PROTOCOL(*driver.loc.back()); }
{VARIABLE_REQUEST_URI_RAW} { return p::make_VARIABLE_REQUEST_URI_RAW(*driver.loc.back()); }
{VARIABLE_REQUEST_URI} { return p::make_VARIABLE_REQUEST_URI(*driver.loc.back()); }
{VARIABLE_RESOURCE} { return p::make_VARIABLE_RESOURCE(*driver.loc.back()); }
{VARIABLE_RESPONSE_BODY} { return p::make_VARIABLE_RESPONSE_BODY(*driver.loc.back()); }
{VARIABLE_RESPONSE_CONTENT_LENGTH} { return p::make_VARIABLE_RESPONSE_CONTENT_LENGTH(*driver.loc.back()); }
{VARIABLE_RESPONSE_CONTENT_TYPE} { return p::make_VARIABLE_RESPONSE_CONTENT_TYPE(*driver.loc.back()); }
@ -902,21 +935,6 @@ p::make_CONFIG_SEC_RULE_REMOVE_BY_TAG(parserSanitizer(strchr(yytext, ' ') + 1),
{RUN_TIME_VAR_XML}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_RUN_TIME_VAR_XML(*driver.loc.back()); }
{RUN_TIME_VAR_ENV} { return p::make_RUN_TIME_VAR_ENV(*driver.loc.back()); }
{RUN_TIME_VAR_ENV}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_RUN_TIME_VAR_ENV(*driver.loc.back()); }
{VARIABLE_IP} { return p::make_VARIABLE_IP(*driver.loc.back()); }
{VARIABLE_IP}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_IP(*driver.loc.back()); }
{VARIABLE_RESOURCE} { return p::make_VARIABLE_RESOURCE(*driver.loc.back()); }
{VARIABLE_RESOURCE}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_RESOURCE(*driver.loc.back()); }
{VARIABLE_GLOBAL} { return p::make_VARIABLE_GLOBAL(*driver.loc.back()); }
{VARIABLE_GLOBAL}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_GLOBAL(*driver.loc.back()); }
{VARIABLE_SESSION} { return p::make_VARIABLE_SESSION(*driver.loc.back()); }
{VARIABLE_SESSION}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_SESSION(*driver.loc.back()); }
{VARIABLE_USER} { return p::make_VARIABLE_USER(*driver.loc.back()); }
{VARIABLE_USER}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_USER(*driver.loc.back()); }
{VARIABLE_TX} { return p::make_VARIABLE_TX(*driver.loc.back()); }
{VARIABLE_TX}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_TX(*driver.loc.back()); }
{RUN_TIME_VAR_BLD} { return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
{RUN_TIME_VAR_DUR} { return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
{RUN_TIME_VAR_HSV} { return p::make_RUN_TIME_VAR_HSV(yytext, *driver.loc.back()); }
@ -933,15 +951,48 @@ p::make_CONFIG_SEC_RULE_REMOVE_BY_TAG(parserSanitizer(strchr(yytext, ' ') + 1),
{VARIABLE_WEBSERVER_ERROR_LOG} { driver.error (*driver.loc.back(), "Variable VARIABLE_WEBSERVER_ERROR_LOG is not supported by libModSecurity", ""); throw p::syntax_error(*driver.loc.back(), "");}
{VARIABLE_GLOBAL} { return p::make_VARIABLE_GLOBAL(*driver.loc.back()); }
{VARIABLE_IP} { return p::make_VARIABLE_IP(*driver.loc.back()); }
{VARIABLE_RESOURCE} { return p::make_VARIABLE_RESOURCE(*driver.loc.back()); }
{VARIABLE_SESSION} { return p::make_VARIABLE_SESSION(*driver.loc.back()); }
{VARIABLE_STATUS} { return p::make_VARIABLE_STATUS(*driver.loc.back()); }
{VARIABLE_TX} { return p::make_VARIABLE_TX(*driver.loc.back()); }
{VARIABLE_USER} { return p::make_VARIABLE_USER(*driver.loc.back()); }
}
<EXPECTING_VARIABLE,EXPECTING_ACTION_PREDICATE_VARIABLE,SETVAR_ACTION_NONQUOTED,SETVAR_ACTION_QUOTED>{
{VARIABLE_GLOBAL}[:.] { BEGINX_(); return p::make_VARIABLE_GLOBAL(*driver.loc.back()); }
{VARIABLE_IP}[:.] { BEGINX_(); return p::make_VARIABLE_IP(*driver.loc.back()); }
{VARIABLE_RESOURCE}[:.] { BEGINX_(); return p::make_VARIABLE_RESOURCE(*driver.loc.back()); }
{VARIABLE_SESSION}[:.] { BEGINX_(); return p::make_VARIABLE_SESSION(*driver.loc.back()); }
{VARIABLE_TX}[:.] { BEGINX_(); return p::make_VARIABLE_TX(*driver.loc.back()); }
{VARIABLE_USER}[:.] { BEGINX_(); return p::make_VARIABLE_USER(*driver.loc.back()); }
}
<EXPECTING_VAR_PARAMETER_OR_MACRO_QUOTED,EXPECTING_VAR_PARAMETER_OR_MACRO_NONQUOTED>{
{EQUALS_PLUS} { BEGIN_ACTION_WAITING_CONTENT(); return p::make_SETVAR_OPERATION_EQUALS_PLUS(*driver.loc.back()); }
{EQUALS_MINUS} { BEGIN_ACTION_WAITING_CONTENT(); return p::make_SETVAR_OPERATION_EQUALS_MINUS(*driver.loc.back()); }
{EQUALS} { BEGIN_ACTION_WAITING_CONTENT(); return p::make_SETVAR_OPERATION_EQUALS(*driver.loc.back()); }
[\/]{DICT_ELEMENT_NO_PIPE}[\/][ ] { BEGIN_PREVIOUS(); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 1, yyleng-2), *driver.loc.back()); }
[\/]{DICT_ELEMENT_NO_PIPE}[\/][|] { BEGIN_PREVIOUS(); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 1, yyleng-2), *driver.loc.back()); }
['][\/]{DICT_ELEMENT_WITH_PIPE}[\/]['] { BEGIN_PREVIOUS(); yyless(yyleng - 0); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 2, yyleng-4), *driver.loc.back()); }
['][\/]{DICT_ELEMENT_WITH_PIPE}[\/]['][|] { BEGIN_PREVIOUS(); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 2, yyleng-4), *driver.loc.back()); }
{FREE_TEXT_EQUALS_MACRO_EXPANSION} { return p::make_FREE_TEXT_QUOTE_MACRO_EXPANSION(yytext, *driver.loc.back()); }
[\/]{DICT_ELEMENT_NO_PIPE}[\/][,] { BEGIN_PREVIOUS(); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 1, yyleng-2), *driver.loc.back()); }
['][\/]{DICT_ELEMENT_NO_PIPE}[\/]['][,] { BEGIN_PREVIOUS(); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 2, yyleng-4), *driver.loc.back()); }
["] { BEGIN_PREVIOUS(); yyless(0); }
[,] { BEGIN_PREVIOUS(); yyless(0); }
. { BEGINX(LEXING_ERROR_ACTION); yyless(0); }
}
<EXPECTING_VAR_PARAMETER>{
[\/]{DICT_ELEMENT_NO_PIPE}[\/][ ] { BEGIN_PREVIOUS(); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 1, yyleng-2), *driver.loc.back()); }
[\/]{DICT_ELEMENT_NO_PIPE}[\/][|] { BEGIN_PREVIOUS(); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 1, yyleng-2), *driver.loc.back()); }
['][\/]{DICT_ELEMENT_WITH_PIPE}[\/]['] { BEGIN_PREVIOUS(); yyless(yyleng - 0); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 2, yyleng-4), *driver.loc.back()); }
['][\/]{DICT_ELEMENT_WITH_PIPE}[\/]['][|] { BEGIN_PREVIOUS(); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 2, yyleng-4), *driver.loc.back()); }
['][\/]{DICT_ELEMENT_WITH_PIPE}[\/]['] { BEGIN_PREVIOUS(); yyless(yyleng - 0); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 2, yyleng-4), *driver.loc.back()); }
['][\/]{DICT_ELEMENT_WITH_PIPE}[\/]['][|] { BEGIN_PREVIOUS(); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 2, yyleng-4), *driver.loc.back()); }
{DICT_ELEMENT} { BEGIN_PREVIOUS(); return p::make_DICT_ELEMENT(yytext, *driver.loc.back()); }
[\/]{DICT_ELEMENT_NO_PIPE}[\/][,] { BEGIN_PREVIOUS(); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 1, yyleng-2), *driver.loc.back()); }
@ -951,6 +1002,8 @@ p::make_CONFIG_SEC_RULE_REMOVE_BY_TAG(parserSanitizer(strchr(yytext, ' ') + 1),
["] { return p::make_QUOTATION_MARK(yytext, *driver.loc.back()); }
}
<EXPECTING_OPERATOR_ENDS_WITH_SPACE>{
{OPERATOR_GEOLOOKUP}[ ] { BEGIN(TRANSACTION_FROM_OPERATOR_TO_ACTIONS); return p::make_OPERATOR_GEOLOOKUP(*driver.loc.back()); }
{OPERATOR_UNCONDITIONAL_MATCH}[ ] { BEGIN(TRANSACTION_FROM_OPERATOR_TO_ACTIONS); return p::make_OPERATOR_UNCONDITIONAL_MATCH(*driver.loc.back()); }
@ -1026,18 +1079,17 @@ p::make_CONFIG_SEC_RULE_REMOVE_BY_TAG(parserSanitizer(strchr(yytext, ' ') + 1),
. { BEGIN(LEXING_ERROR); yyless(0); }
}
<EXPECTING_PARAMETER_ENDS_WITH_QUOTE>{
["] { BEGIN(TRANSACTION_FROM_OPERATOR_PARAMETERS_TO_ACTIONS); }
{FREE_TEXT_DOUBLE_QUOTE_MACRO_EXPANSION} { return p::make_FREE_TEXT_QUOTE_MACRO_EXPANSION(yytext, *driver.loc.back()); }
}
<EXPECTING_PARAMETER_ENDS_WITH_SPACE>{
[ ] { BEGIN(TRANSACTION_FROM_OPERATOR_PARAMETERS_TO_ACTIONS); }
{FREE_TEXT_SPACE_MACRO_EXPANSION} { return p::make_FREE_TEXT_QUOTE_MACRO_EXPANSION(yytext, *driver.loc.back()); }
[ ] { BEGIN(TRANSACTION_FROM_OPERATOR_PARAMETERS_TO_ACTIONS); }
{FREE_TEXT_SPACE_MACRO_EXPANSION} { return p::make_FREE_TEXT_QUOTE_MACRO_EXPANSION(yytext, *driver.loc.back()); }
}
<EXPECTING_PARAMETER_ENDS_WITH_QUOTE,EXPECTING_PARAMETER_ENDS_WITH_SPACE>{
<EXPECTING_PARAMETER_ENDS_WITH_QUOTE,EXPECTING_PARAMETER_ENDS_WITH_SPACE,EXPECTING_VAR_PARAMETER_OR_MACRO_QUOTED,EXPECTING_VAR_PARAMETER_OR_MACRO_NONQUOTED>{
{START_MACRO_VARIABLE} { BEGINX(EXPECTING_ACTION_PREDICATE_VARIABLE); }
. { BEGIN(LEXING_ERROR_VARIABLE); yyless(0); }
}
@ -1060,7 +1112,7 @@ p::make_CONFIG_SEC_RULE_REMOVE_BY_TAG(parserSanitizer(strchr(yytext, ' ') + 1),
}
<INITIAL,EXPECTING_OPERATOR_ENDS_WITH_SPACE,EXPECTING_OPERATOR_ENDS_WITH_QUOTE>{
<INITIAL,EXPECTING_OPERATOR_ENDS_WITH_SPACE,EXPECTING_OPERATOR_ENDS_WITH_QUOTE,EXPECTING_VAR_PARAMETER_OR_MACRO_QUOTED,EXPECTING_VAR_PARAMETER_OR_MACRO_NONQUOTED>{
[ \t]+ { }
[ \t]*\\\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
[ \t]*\\\r\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }

18
src/variables/global.h
View File

@ -23,6 +23,7 @@
#define SRC_VARIABLES_GLOBAL_H_
#include "src/variables/variable.h"
#include "src/run_time_string.h"
namespace modsecurity {
@ -79,6 +80,23 @@ class Global_DictElementRegexp : public Variable {
};
class Global_DynamicElement : public Variable {
public:
explicit Global_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: Variable("GLOBAL:dynamic"),
m_string(std::move(dictElement)) { }
void evaluate(Transaction *transaction,
Rule *rule,
std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(transaction);
transaction->m_collections.resolveMultiMatches("GLOBAL:" + string, "GLOBAL", l);
}
std::unique_ptr<RunTimeString> m_string;
};
} // namespace Variables
} // namespace modsecurity

18
src/variables/ip.h
View File

@ -23,6 +23,7 @@
#define SRC_VARIABLES_IP_H_
#include "src/variables/variable.h"
#include "src/run_time_string.h"
namespace modsecurity {
@ -78,6 +79,23 @@ class Ip_DictElementRegexp : public Variable {
};
class Ip_DynamicElement : public Variable {
public:
explicit Ip_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: Variable("IP:dynamic"),
m_string(std::move(dictElement)) { }
void evaluate(Transaction *transaction,
Rule *rule,
std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(transaction);
transaction->m_collections.resolveMultiMatches("IP:" + string, "IP", l);
}
std::unique_ptr<RunTimeString> m_string;
};
} // namespace Variables
} // namespace modsecurity

18
src/variables/resource.h
View File

@ -23,6 +23,7 @@
#define SRC_VARIABLES_RESOURCE_H_
#include "src/variables/variable.h"
#include "src/run_time_string.h"
namespace modsecurity {
@ -80,6 +81,23 @@ class Resource_DictElementRegexp : public Variable {
};
class Resource_DynamicElement : public Variable {
public:
explicit Resource_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: Variable("RESOURCE:dynamic"),
m_string(std::move(dictElement)) { }
void evaluate(Transaction *transaction,
Rule *rule,
std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(transaction);
transaction->m_collections.resolveMultiMatches("RESOURCE:" + string, "RESOURCE", l);
}
std::unique_ptr<RunTimeString> m_string;
};
} // namespace Variables
} // namespace modsecurity

18
src/variables/session.h
View File

@ -23,6 +23,7 @@
#define SRC_VARIABLES_SESSION_H_
#include "src/variables/variable.h"
#include "src/run_time_string.h"
namespace modsecurity {
@ -80,6 +81,23 @@ class Session_DictElementRegexp : public Variable {
};
class Session_DynamicElement : public Variable {
public:
explicit Session_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: Variable("SESSION:dynamic"),
m_string(std::move(dictElement)) { }
void evaluate(Transaction *transaction,
Rule *rule,
std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(transaction);
transaction->m_collections.resolveMultiMatches("SESSION:" + string, "SESSION", l);
}
std::unique_ptr<RunTimeString> m_string;
};
} // namespace Variables
} // namespace modsecurity

18
src/variables/tx.h
View File

@ -23,6 +23,7 @@
#define SRC_VARIABLES_TX_H_
#include "src/variables/variable.h"
#include "src/run_time_string.h"
namespace modsecurity {
@ -78,6 +79,23 @@ class Tx_DictElementRegexp : public Variable {
};
class Tx_DynamicElement : public Variable {
public:
explicit Tx_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: Variable("TX:dynamic"),
m_string(std::move(dictElement)) { }
void evaluate(Transaction *transaction,
Rule *rule,
std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(transaction);
transaction->m_collections.resolveMultiMatches("TX:" + string, "TX", l);
}
std::unique_ptr<RunTimeString> m_string;
};
} // namespace Variables
} // namespace modsecurity

104
src/variables/user.h Normal file
View File

@ -0,0 +1,104 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <iostream>
#include <string>
#include <vector>
#include <list>
#include <utility>
#ifndef SRC_VARIABLES_USER_H_
#define SRC_VARIABLES_USER_H_
#include "src/variables/variable.h"
#include "src/run_time_string.h"
namespace modsecurity {
class Transaction;
namespace Variables {
class User_DictElement : public Variable {
public:
explicit User_DictElement(std::string dictElement)
: Variable("USER"),
m_dictElement("USER:" + dictElement) { }
void evaluate(Transaction *transaction,
Rule *rule,
std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveMultiMatches(m_dictElement,
"USER", transaction->m_rules->m_secWebAppId.m_value, l);
}
std::string m_dictElement;
};
class User_NoDictElement : public Variable {
public:
User_NoDictElement()
: Variable("USER") { }
void evaluate(Transaction *transaction,
Rule *rule,
std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveMultiMatches(m_name, "USER",
transaction->m_rules->m_secWebAppId.m_value, l);
}
};
class User_DictElementRegexp : public Variable {
public:
explicit User_DictElementRegexp(std::string dictElement)
: Variable("USER"),
m_r(dictElement),
m_dictElement("USER:" + dictElement) { }
void evaluate(Transaction *transaction,
Rule *rule,
std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveRegularExpression(m_dictElement,
"USER", transaction->m_rules->m_secWebAppId.m_value, l);
}
Utils::Regex m_r;
std::string m_dictElement;
};
class User_DynamicElement : public Variable {
public:
explicit User_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: Variable("USER:dynamic"),
m_string(std::move(dictElement)) { }
void evaluate(Transaction *transaction,
Rule *rule,
std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(transaction);
transaction->m_collections.resolveMultiMatches("USER:" + string, "USER", l);
}
std::unique_ptr<RunTimeString> m_string;
};
} // namespace Variables
} // namespace modsecurity
#endif // SRC_VARIABLES_USER_H_

5
src/variables/variable.cc
View File

@ -39,7 +39,7 @@ Variable::Variable(std::string name)
std::string name = std::string(m_name, m_name.find(":") + 1,
m_name.size());
if (col == "TX" || col == "IP" || col == "GLOBAL"
|| col == "RESOURCE" || col == "SESSION") {
|| col == "RESOURCE" || col == "SESSION" || col == "USER") {
m_collectionName = col;
}
if ((name.at(0) == '\\') || (name.at(0) == '/')) {
@ -66,6 +66,9 @@ Variable::Variable(std::string name)
} else if (utils::string::tolower(m_name) == "session") {
m_collectionName = "SESSION";
m_type = MultipleMatches;
} else if (utils::string::tolower(m_name) == "user") {
m_collectionName = "USER";
m_type = MultipleMatches;
} else if (m_name.find(".") != std::string::npos) {
m_kind = CollectionVarible;
m_collectionName = std::string(m_name, 0, m_name.find("."));