mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-09-30 19:47:47 +03:00
Support configurable limit on number of arguments processed
This commit is contained in:
martinhsv
committed by
Felipe Zimmerle
Felipe Zimmerle
parent
4e9ba44d03
commit
f57265a3e2
File diff suppressed because it is too large
Load Diff
File diff suppressed because one or more lines are too long
@@ -601,6 +601,7 @@ using namespace modsecurity::operators;
|
||||
CONFIG_SEC_CONN_R_STATE_LIMIT "CONFIG_SEC_CONN_R_STATE_LIMIT"
|
||||
CONFIG_SEC_CONN_W_STATE_LIMIT "CONFIG_SEC_CONN_W_STATE_LIMIT"
|
||||
CONFIG_SEC_SENSOR_ID "CONFIG_SEC_SENSOR_ID"
|
||||
CONFIG_DIR_ARGS_LIMIT "CONFIG_DIR_ARGS_LIMIT"
|
||||
CONFIG_DIR_REQ_BODY "CONFIG_DIR_REQ_BODY"
|
||||
CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
|
||||
CONFIG_DIR_REQ_BODY_LIMIT "CONFIG_DIR_REQ_BODY_LIMIT"
|
||||
@@ -1553,6 +1554,11 @@ expression:
|
||||
YYERROR;
|
||||
#endif // WITH_GEOIP
|
||||
}
|
||||
| CONFIG_DIR_ARGS_LIMIT
|
||||
{
|
||||
driver.m_argumentsLimit.m_set = true;
|
||||
driver.m_argumentsLimit.m_value = atoi($1.c_str());
|
||||
}
|
||||
/* Body limits */
|
||||
| CONFIG_DIR_REQ_BODY_LIMIT
|
||||
{
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -359,6 +359,7 @@ CONFIG_SEC_STREAM_IN_BODY_INSPECTION (?i:SecStreamInBodyInspection)
|
||||
CONFIG_SEC_STREAM_OUT_BODY_INSPECTION (?i:SecStreamOutBodyInspection)
|
||||
CONFIG_DIR_PCRE_MATCH_LIMIT (?i:SecPcreMatchLimit)
|
||||
CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION (?i:SecPcreMatchLimitRecursion)
|
||||
CONFIG_DIR_ARGS_LIMIT (?i:SecArgumentsLimit)
|
||||
CONFIG_DIR_REQ_BODY (?i:SecRequestBodyAccess)
|
||||
CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT (?i:SecRequestBodyInMemoryLimit)
|
||||
CONFIG_DIR_REQ_BODY_LIMIT (?i:SecRequestBodyLimit)
|
||||
@@ -758,13 +759,17 @@ EQUALS_MINUS (?i:=\-)
|
||||
{CONFIG_DIR_AUDIT_STS}[ \t]+{FREE_TEXT_NEW_LINE} { return p::make_CONFIG_DIR_AUDIT_STS(parserSanitizer(strchr(yytext, ' ') + 1), *driver.loc.back()); }
|
||||
{CONFIG_DIR_AUDIT_STS}[ \t]+["]{NEW_LINE_FREE_TEXT}["] { return p::make_CONFIG_DIR_AUDIT_STS(parserSanitizer(strchr(yytext, ' ') + 1), *driver.loc.back()); }
|
||||
{CONFIG_DIR_AUDIT_TPE} { return p::make_CONFIG_DIR_AUDIT_TPE(yytext, *driver.loc.back()); }
|
||||
|
||||
|
||||
{CONFIG_DIR_DEBUG_LOG}[ \t]+{CONFIG_VALUE_PATH} { return p::make_CONFIG_DIR_DEBUG_LOG(strchr(yytext, ' ') + 1, *driver.loc.back()); }
|
||||
{CONFIG_DIR_DEBUG_LOG}[ \t]+["]{CONFIG_VALUE_PATH}["] { return p::make_CONFIG_DIR_DEBUG_LOG(parserSanitizer(strchr(yytext, ' ') + 1), *driver.loc.back()); }
|
||||
{CONFIG_DIR_DEBUG_LVL}[ \t]+{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_DEBUG_LVL(strchr(yytext, ' ') + 1, *driver.loc.back()); }
|
||||
{CONFIG_DIR_GEO_DB}[ \t]+{FREE_TEXT_NEW_LINE} { return p::make_CONFIG_DIR_GEO_DB(strchr(yytext, ' ') + 1, *driver.loc.back()); }
|
||||
{CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION}[ \t]+{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION(strchr(yytext, ' ') + 1, *driver.loc.back()); }
|
||||
{CONFIG_DIR_PCRE_MATCH_LIMIT}[ \t]+{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_PCRE_MATCH_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
|
||||
{CONFIG_DIR_ARGS_LIMIT}[ \t]+{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_ARGS_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
|
||||
{CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT}[ \t]+{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
|
||||
|
||||
{CONFIG_DIR_REQ_BODY_LIMIT_ACTION} { return p::make_CONFIG_DIR_REQ_BODY_LIMIT_ACTION(yytext, *driver.loc.back()); }
|
||||
{CONFIG_DIR_REQ_BODY_LIMIT}[ \t]+{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_REQ_BODY_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
|
||||
{CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT}[ \t]+{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
|
||||
|
||||
Reference in New Issue
Block a user